3

A client came back to me this morning saying one of their clients couldn't access the website because their security service was identifying it as a threat. I searched for the particular error, but every result on all 4 pages of Google results were forum users being unable to access that particular forum from work. The error is:

Based on your corporate access policies, this web site has been blocked because it 
has been determined by Web Reputation Filters to be a security threat to your 
computer or the corporate network. This web site has been associated with 
malware/spyware.

Threat Type: Othermalware 
Threat Reason: IP address is either verified as a bot or has misconfigured DNS.

Notification codes: 
(1, MALWARE, Othermalware, IP address is either verified as a bot or has 
misconfigured DNS., BLOCK-MALWARE, 0x03709539, 1311266207.636, 
AAAAGQAAAAAAAAAAJf8ACP8AAAD/AAAAAAAAAAAAAAA=)

This doesn't seem very common but I've been unable to find anyone clear this up from the server side. Thanks so much for any help!

rds
  • 753
  • 5
  • 7
NealJMD
  • 131
  • 1
  • 4

1 Answers1

1

Wow, verified as a bot OR has misconfigured DNS. That's not a wide set of criteria at all. If what you've got in this question is the only info you have to go on, I think you're screwed. Some things that would help you towards a solution, though, include:

  • Find out what bovine excrement is causing the problem. If you've got a product, you can perhaps get onto their help system and get more details on their criteria.
  • Contact the person who is getting blocked and get them to chase the provider of the aforesaid excrement regarding the issue. That rather depends on their level of need for visiting your website; if it's not a corporate requirement, you'll probably be SOL here.
  • Use some DNS checkers, such as http://dnsstuff.com/, to try and identify and fix any legitimate issues that might be present. I'd recommend that become a part of your regular admin practices, by the way -- don't wait until the next issue to check your zone again.
womble
  • 95,029
  • 29
  • 173
  • 228