nanog mailing list archives
Re: advice dealing with clean-mx
From: Paul Ferguson <fergdawgster () mykolab com>
Date: Tue, 11 Aug 2015 19:23:00 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Follow-up off-list. - - ferg On 8/11/2015 7:06 PM, Michael Bubb wrote:
hello I've lurked on this list for a while - I have an issue that I need help with. I work for a company that does fraud detection we host our servers on physica hardware in managed hosting datacenters (softlayer, hertzer, coresites, etc). Recently we were flagged for malware buy clean-mx. It was the IP of an haproxy loadbalancer. I followed up by following the link to clean-mx. It looked as if the score was based upon information from the following sites: http://www.malwaredomainlist.com https://www.virustotal.com http://urlquery.net When I checked the ip in question against these sites all the checks passed exceptfor one - fortinet. And fortinet indicated that it was an unknown signature - not specifically malware. So it appeared clean. I am hesitant to deal directly with clean-mx as we do not have any existing relationship and frankly a google search turns up many horror stories. I am mindful that these may be the 'stories' of frustrated fraudsters. I honestly do not know how to evaluate this situation. If clean-mx is legit then it would make sense to have a relationship with them . If they are not then how does one deal with them? thank you Michael
- -- Paul Ferguson PGP Public Key ID: 0x54DC85B2 Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iF4EAREIAAYFAlXKrgQACgkQKJasdVTchbItgQEAu5l1e8I7wJlLhi8Pweka18T+ Lo93urUoy9lipfag9yEBAMvlKpULyLCtCbUGzneqQhP367wn8TFJFpdpvdufTdIe =xPEu -----END PGP SIGNATURE-----
Current thread:
- advice dealing with clean-mx Michael Bubb (Aug 11)
- Re: advice dealing with clean-mx Paul Ferguson (Aug 11)