Just got a pop-up from my security software that ‘plex media server.exe’ was trying to contact 94.102.61.40. Upon searching it may be a malicious IP. Anyway to confirm if it is legit or not?
Most likely a false alarm.
You should however check if you still have old Plex plugins installed. If you do, clear them out (except WebTools, which is still usable).
Inside your Plex data folder is a subfolder named Plug-ins (NOT Plug-in Support)
There should be only one subfolder in there, named Services.bundle.
Remove all others.
Whois reveals:
remarks: +-----------------------------------------------
remarks: | Criminal IP collects port information for only security/research purposes.
remarks: | It only reads the response data from basic port requests,
remarks: | and never utilizes vulnerability scanning or other exploit scripts.
remarks: |
remarks: | Our internet-wide, non-intrusive port scanning does not target specific IP addresses.
remarks: | It differs from malicious acts such as DDoS attacks
remarks: | in that it simply surveys by knocking on the door(port).
remarks: | We will permanently whitelist your IP address upon request.
remarks: | For any inquiries, please contact request@aispera.com
remarks: +-----------------------------------------------
Sounds more white-hat than black-hat.
Thank you.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
