Help and Support
Ask a question, report a problem, request a feature...
<<  Back To Forum

Malware client blocks multiple outgoing from Tixati

by michaelho on 2022/04/29 03:28:48 AM    
Malwarebytes Pro continually blocks Tixati access to IP addresses and calls them 'trojan'.
Can anyone explain what these outgoing contacts are for and are they malicious?
by Guest on 2022/04/29 07:59:01 PM    
Does Malwarebytes give you an option to whitelist certain programs? It's normal for Tixati and other p2p software to make lots of connections to different IPs. If Malwarebytes lets you whitelist, Tixati is located here: C:\Program Files\tixati\tixati.exe
by ZarkBit on 2022/04/29 08:02:50 PM    
Because Malwarebytes blacklists IP ranges (e.g. Spam), Malwarebytes always did that, whitelist the client on it.
by notaLamer on 2022/05/02 04:43:51 PM    
These lists are useless, allow me to elaborate:
Scenario 1: VPN service. There are hundreds of users using one VPN server's IP. Someone could setup a Tor node there, another one will knowingly use VPNs to spam, a third user could have malware on their PC that sends spam unbeknownst to them. This server IP gets blacklisted and the user leaves the server forever after 1-2 hours. The blacklist entry remains for months or years. Question: who do you end up blocking here? The next legitimate bittorrent user who uses the same server.

Scenario 2: Temporary servers for abuse. A spammer rents a server for 1 month, starts spamming/searching for vulnerabilities/distributes malware. He got the cheapest possible server but was kicked out after 2 weeks due to reports. The server and IP are now assigned to the next customer who will run a seedbox. The seedbox is only active on Bittorrent and is a good user, does not send spam. But the previous owner caused the IP to be blacklisted and now you're blocking a good seedbox seeder on your end due to an irrelevant + outdated blocklist.

In the end Spamming/Malware IPs = good places for Bittorrent seedboxes. Cheap and reliable.
There's no "bad behaviour" on Bittorrent that's worth banning. Surveillance IPs are a cat & mouse game, you can't detect them reliably. There're no malicious peers who send bad blocks on purpose to stop you from downloading. The peers who upload torrents with malware don't need to be on a specific IP, either random users or the malware creator who could even do that from the home IP. You don't need malware/spam lists for Bittorrent at all. I hope you can make an exemption for Tixati as suggested above.

This web site is powered by Super Simple Server