SecuritySpy causing Firewall Alert for URL
  • I've just tightened up my network security by installing a pfSense firewall with Snort Intrusion Detection and Protection and it is posting an alert for the IP address (URL

    The description for the Alert is (http_inspect) BARE BYTE UNICODE ENCODING.

    I wouldn't have be surprised to see SecuritySpy "phoning home" to check license validity but I would have expected to see it go to

    I did a little checking and (or actually looks like an ISP in the UK which would make sense given that Ben Software is based in the UK but since my firewall is flagging the communication I'd like to have more info before I let the flagged communication to pass the firewall.

    Anyone have any info that could help me figure this out?

  • Hi Terry,

    This is indeed our server. We use it for a few different things, including "phoning home" to check the validity of the license, and for SecuritySpy to deliver diagnostic information (if you have the "Send diagnostic information back to developer" option enabled in SecuritySpy's Preferences). We also use it for our online store.

    The firewall just gets the IP, and must be doing a reverse DNS lookup on the IP and coming up with (which is the name automatically provided by our ISP, which we don't use) and ignoring or not finding our own domains (like that also point to that IP.
  • Ben,

    Thanks for the reply and info. I'll open your IP in my firewall.


Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!