jdashn 9 Posted December 1, 2020 Share Posted December 1, 2020 As of this morning i'm getting a lot of alerts across the orginization for: hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEgRY8NzrWAjZ4J4grl19QqsePQ= For each alert the last bit of the address changes, but this part is the same: hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEg They all also have a target address of : 104.91.166.211 Just wondering if there is more information on this, what might be causing it, if this is an indicator of a primary infection, etc. Thank you!! Jdashn aparker 1 Link to post Share on other sites
NFear 1 Posted December 1, 2020 Share Posted December 1, 2020 (edited) Same here. One of the applications I use for a long time obviously tries to validate a letsencrypt certificate via OCSP. Looks like a false entry has made it to the internal ESET blacklist. Edited December 1, 2020 by NFear aparker 1 Link to post Share on other sites
Administrators Solution Marcos 3,632 Posted December 1, 2020 Administrators Solution Share Posted December 1, 2020 The FP should be already resolved. You can enforce update of the blacklist by rebooting the machine. aparker and jdashn 2 Link to post Share on other sites
zetafiddler 0 Posted December 1, 2020 Share Posted December 1, 2020 Same problem here. Either X-Plane 11 or some plug-in for it attempts to contact "...ocsp.int-x3.letsencrypt.org..." but gets blocked by ESET Internet Security. Must be recent change as I've not changed X-Plane for several weeks. Link to post Share on other sites
jdashn 9 Posted December 1, 2020 Author Share Posted December 1, 2020 Awesome!! thanks a ton to both of you for your quick replies! aparker 1 Link to post Share on other sites
zetafiddler 0 Posted December 1, 2020 Share Posted December 1, 2020 Thanks Marcos, awesome response! Link to post Share on other sites
Recommended Posts