Educause Security Discussion mailing list archives
Re: Blocking URLs
From: Robert Lau <Robert.Lau () USC EDU>
Date: Fri, 31 Jul 2015 17:47:01 +0000
We see many phishing sites hosted at Google, Qualtrics, Wix, etc. Layer 3 blocks simply do not work for them or cause significant collateral damage. Plus, blocking at our border, or using OpenDNS, does not protect people reading email on random, unmanaged devices outside our network. Any day now, we will be enabling TAP on our Proofpoint mail gateways. TAP will rewrite all (or possibly only suspicious URLs) found in email and will protect everybody who uses our mail systems. Known bad URLs are automatically blocked. If at some later date we discover that a URL is bad, we can block it and see who had clicked on it. Or at least that's what's supposed to happen. We shall see. Robert Lau Director, Information Systems Security Information Technology Services University of Southern California 213-740-5469 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Chris Green Sent: Friday, July 31, 2015 09:47 To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Blocking URLs All, We are looking for a cost effective solution to prevent users from accessing sites when they fall for phishing attempts. Right now we are blocking IPs for those sites in our firewall, but this is not a great solution for us as we don't want to load up our firewall with these types of rules, and the majority of these sites use dynamic IPs, so it's a temporary fix at best. I wanted to see if anyone had come up with a solution for this dilemma that doesn't involve dropping six figures on an application firewall. Thanks, -C. Chris Green Information Security Officer University of Texas at Tyler
Current thread:
- Re: Blocking URLs, (continued)
- Re: Blocking URLs Barton, Robert (Jul 31)
- Re: Blocking URLs Bob Bayn (Jul 31)
- Re: Blocking URLs Pratt, Benjamin E. (Jul 31)
- Re: Blocking URLs Andre DiMino (Jul 31)
- Re: Blocking URLs Chris Green (Jul 31)
- Re: Blocking URLs Tevlin, Dave (Jul 31)
- Re: Blocking URLs randy (Jul 31)
- Re: Blocking URLs McClenon, Brady (Jul 31)
- Re: Blocking URLs Shamblin, Quinn (Aug 12)