When CloneDVD is started up firewall alerts for traffic to/from 138.201.196.156 detected

Discussion in 'CloneDVD' started by PIOHWATTY, Mar 4, 2022.

  1. PIOHWATTY

    PIOHWATTY New Member

    I upgraded my firewall recently and have been getting notices of traffic to/from 138.201.196.156. Only one 124kb packet is in the signature and it was extremely sporadic. I set it for instant push notifications and found that when I launch CloneDVD that it appears that is what is causing the traffic. The firewall is recognizing this as a threat (Tor network). The IP resolves to a few domains from Elby which makes it sound legit to CloneDVD, however since updates are loaded from Redfox.bz, not sure if this is normal traffic expected and what for. I have noticed no change in the behavior of the software since the firewall first started blocking this traffic which leads me to believe it's ok to just suppress the notifications and continue to block it. Please advise and thank you.
     
  2. RedFox 1

    RedFox 1 Super Moderator

    That is Elbys IP address, you should have no issues. its just an alert. Update are only loaded through Elby via Redfox. You should not block that IP, it may affect the program, although I am not sure how, but if you block it and it works then all is good.
     
  3. jerrymess

    jerrymess Member

    What if you disable the update check in CloneDVD (uncheck Preferences | Automatically check for new program version)?
     
  4. RedFox 1

    RedFox 1 Super Moderator

    You may also block the server, and that's not a good thing.
     
  5. DQ

    DQ Well-Known Member

    As someone who does heavy filtering at home I have not found this to be an issue. I allow this particular country and the traffic has never set off anything for me. My guess is the traffic is being misclassified. However that is the thing you need to pay attention to. The IP itself would not be TOR related I do not believe, it would be the traffic or the protocols in use that would tip that off.

    With that said, you could always try blocking it as a test. I suspect it's just to check for updates but if everything else was fine you could just leave it blocked. This is the type of thing i do on the regular and it is easy to reverse. -BUT- , the catch is if it causes issues down the line you have to remember you are blocking it. I have spent hours wondering why something did not work to find that it was self inflicted all along :p
     
  6. James

    James Redfox Development Team Staff Member

    The firewall is wrong.
    What makes you think so? Redfox.bz has nothing to do with CloneDVD or CloneBD.
    What you see is just the update check. You can turn it off, if you like.