Bitcoin Forum
December 10, 2016, 09:02:41 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: AT&T sends botnet warning for 92.243.23.21  (Read 2156 times)
BlueWall
Newbie
*
Offline Offline

Activity: 12



View Profile
October 25, 2011, 02:54:26 AM
 #1


My ISP (AT&T) sends warnings from time to time about connections from my IP to a botnet. These seem to all be related to operating the Bitcoin client. This latest warning includes the target IP which is  92.243.23.21. I understand that the connection to that host is used to boot up the bitcoin client. Is it safe for me to block that IP in my firewall? And, has anyone else seen similar warnings from their ISP about this, or other IP used with the Bitcoin client?

Thanks!
BlueWall
1481360561
Hero Member
*
Offline Offline

Posts: 1481360561

View Profile Personal Message (Offline)

Ignore
1481360561
Reply with quote  #2

1481360561
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481360561
Hero Member
*
Offline Offline

Posts: 1481360561

View Profile Personal Message (Offline)

Ignore
1481360561
Reply with quote  #2

1481360561
Report to moderator
1481360561
Hero Member
*
Offline Offline

Posts: 1481360561

View Profile Personal Message (Offline)

Ignore
1481360561
Reply with quote  #2

1481360561
Report to moderator
error
Hero Member
*****
Offline Offline

Activity: 574



View Profile
October 25, 2011, 02:55:46 AM
 #2

You can tell AT&T to piss off. You can also use the -noirc command line option for the client, but telling AT&T to piss off is more effective.

15UFyv6kfWgq83Pp3yhXPr8rknv9m6581W
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
October 25, 2011, 02:57:34 AM
 #3

I agree with the above poster.

Also tell them that it's not a botnet and the connection is intended and they better stop sending those letters as not to make a fool of themselves and lose some customers because of it...

BlueWall
Newbie
*
Offline Offline

Activity: 12



View Profile
October 25, 2011, 03:07:49 AM
 #4

Thanks!
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
October 27, 2011, 03:19:25 PM
 #5

I agree with the above poster.

Also tell them that it's not a botnet and the connection is intended and they better stop sending those letters as not to make a fool of themselves and lose some customers because of it...

   Agree, but they don't care.  My production machine now includes the -noirc option since my last post about this same topic. However, any time I hook up a new client that I want to connect in that manner they send me the email. I have of course responded, kindly informing them of their ignorance and requesting them to stop spamming me. My replies have gone completely ignored to date.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
odysseus654
Jr. Member
*
Offline Offline

Activity: 44


View Profile
October 27, 2011, 03:52:04 PM
 #6

With the reputation that IRC in general has gotten over the years, I wouldn't be surprised if any IRC-like communication is declared malicious...
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
October 27, 2011, 07:37:11 PM
 #7

I agree with the above poster.

Also tell them that it's not a botnet and the connection is intended and they better stop sending those letters as not to make a fool of themselves and lose some customers because of it...

   Agree, but they don't care.  My production machine now includes the -noirc option since my last post about this same topic. However, any time I hook up a new client that I want to connect in that manner they send me the email. I have of course responded, kindly informing them of their ignorance and requesting them to stop spamming me. My replies have gone completely ignored to date.

Well, that's clearly a case where you just do to their letters the exact same thing they do to your emails, you ignore them Wink

sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
October 27, 2011, 09:02:33 PM
 #8

I agree with the above poster.

Also tell them that it's not a botnet and the connection is intended and they better stop sending those letters as not to make a fool of themselves and lose some customers because of it...

   Agree, but they don't care.  My production machine now includes the -noirc option since my last post about this same topic. However, any time I hook up a new client that I want to connect in that manner they send me the email. I have of course responded, kindly informing them of their ignorance and requesting them to stop spamming me. My replies have gone completely ignored to date.

Well, that's clearly a case where you just do to their letters the exact same thing they do to your emails, you ignore them Wink

  Shortly after I typed that up I setup a copy/paste auto response to any emails from abuse@att.com informing them that spamming email on their own network is still spam and to kindly leave me the F*&k alone.

  OT; I love receiving phishing emails from people not smart enough to set character limits, etc for the http post form data. ;p I noticed one from 'Western Union' today in the spam folder of a sub acct and figured they could probably use a few gigs worth of bogus usernames and passwords to weed through. ;p

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
Exonumia
Full Member
***
Offline Offline

Activity: 190



View Profile
October 29, 2011, 09:57:40 AM
 #9


You can also have the client skip the IRC bootstrapping by adding:

noirc=1

in your bitcoin.conf file.

You could also use the command line option: add -noirc after the bitcoin launch for example: "bitcoin.exe -noirc"





Gabi
Legendary
*
Offline Offline

Activity: 1050


View Profile
November 05, 2011, 05:44:45 PM
 #10

With the reputation that IRC in general has gotten over the years, I wouldn't be surprised if any IRC-like communication is declared malicious...
They can declare what the fuck they want, it won't change the fact it is legit and we will use it
odysseus654
Jr. Member
*
Offline Offline

Activity: 44


View Profile
November 06, 2011, 12:07:13 AM
 #11

With the reputation that IRC in general has gotten over the years, I wouldn't be surprised if any IRC-like communication is declared malicious...
They can declare what the fuck they want, it won't change the fact it is legit and we will use it

Not saying it isn't legit (and if the problems get too bad it can be disabled as mentioned above or we can use DHT or something) but I've seen a couple AUPs that explicitly mention IRC as something Not To Be Done.  Quick google search shows a thread from 2003 about a datacenter that banned it.

Get as mad as you want at this, a lot of people don't even know what TELNET is these days (recently went to a meeting where someone tried to explain the concept and how it differs from the web).

[Edit] Will "excessive twitter activity" be soon seen as suspicion of a botnet?  What about putting the two concepts together and getting a Bitcoin Twitter botnet?
tlhonmey
Jr. Member
*
Offline Offline

Activity: 37


View Profile
January 19, 2012, 08:58:23 PM
 #12

A-lot of Time & Trouble usually lives up to its name.  Unfortunately their scanning for botnets is most likely completely automated, and I doubt that they are competent enough to have the ability to enter exceptions.  Don't get too mad at them though, they are, at least, _trying_ to protect you from having your accounts hacked.  Even if they are failing miserably.

Non plaudite, iam pecuniam iacite.
1N3nbedLt7PLKLapLbR1Jq7k5rTRGvjEV5
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!