jdashn 9 Posted December 1, 2020 Share Posted December 1, 2020 As of this morning i'm getting a lot of alerts across the orginization for: hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEgRY8NzrWAjZ4J4grl19QqsePQ= For each alert the last bit of the address changes, but this part is the same: hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEg They all also have a target address of : 104.91.166.211 Just wondering if there is more information on this, what might be causing it, if this is an indicator of a primary infection, etc. Thank you!! Jdashn aparker 1 Quote Link to post Share on other sites
NFear 1 Posted December 1, 2020 Share Posted December 1, 2020 (edited) Same here. One of the applications I use for a long time obviously tries to validate a letsencrypt certificate via OCSP. Looks like a false entry has made it to the internal ESET blacklist. Edited December 1, 2020 by NFear aparker 1 Quote Link to post Share on other sites
Administrators Solution Marcos 3,574 Posted December 1, 2020 Administrators Solution Share Posted December 1, 2020 The FP should be already resolved. You can enforce update of the blacklist by rebooting the machine. jdashn and aparker 2 Quote Link to post Share on other sites
zetafiddler 0 Posted December 1, 2020 Share Posted December 1, 2020 Same problem here. Either X-Plane 11 or some plug-in for it attempts to contact "...ocsp.int-x3.letsencrypt.org..." but gets blocked by ESET Internet Security. Must be recent change as I've not changed X-Plane for several weeks. Quote Link to post Share on other sites
jdashn 9 Posted December 1, 2020 Author Share Posted December 1, 2020 Awesome!! thanks a ton to both of you for your quick replies! aparker 1 Quote Link to post Share on other sites
zetafiddler 0 Posted December 1, 2020 Share Posted December 1, 2020 Thanks Marcos, awesome response! Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.