Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

How Do I Report Malicious Websites?

Published: 2010-04-30
Last Updated: 2010-04-30 15:05:43 UTC
by Kevin Liston (Version: 1)
10 comment(s)

The Set-up

So you’ve just spent your morning digging through web proxy logs figuring out how one of your users managed to get infected with the latest rehash of FakeAV and you’ve got a handful of malicious URLs that you need to block on your perimeter.  Let’s also suppose that you hold some goodwill towards your fellow sysadmin and wish to help stop further damage.  Where do you start?

Depending on what vendor you use to manage your web proxy filters, you may be helping out by simply protecting yourself.  That information should bubble up to their other customers and expand protection.  Another way to help smaller organizations and individuals is to share this information with free security solutions.
 

Google Safe Browsing

Get the biggest bang for your buck by leveraging the Google Search engine which many folks rely on to save them from exposure to typo-squatters and other badness.  URLs can be submitted here: http://www.google.com/safebrowsing/report_badware/

BlueCoat K9

Although it’s advertised as web protection for your children, I find it works for parents and grandparents too.  You can submit URLs and classify them here: http://www1.k9webprotection.com/support/check-site-rating.php

OpenDNS

If you have an OpenDNS account you can submit a domain for tagging as malicious via their dashboard.
 

Your Turn

If you have a favorite list for submitting the results of your malware research, please leave a comment below.

 

Keywords:
10 comment(s)
Diary Archives