Solved

Rndom internet sites redirected to page with error about being blokced by firewall

Posted on 2014-04-28
6
306 Views
Last Modified: 2014-06-04
We have about 70 users. Every now and then some users have reported that the get redirected to webpage that says your Firewall is blocking this site. I have attached an image of the browser page. When I looked at the attached screen shoot it seems like it is being directed to blocked-wescreenshootbsite.com and the error is fake. I am not sure if all users are effected or not since the users that have reported this tell me that it does not happen all the time. This primary happens on knows sites such as youtube, facebook.....
I wonder if there is a common software on their computer that has caused this.
We have Viper antivirus and have a Cisco asa 5505 firewall. I wonder how I could to see if there are others with the same issue. Only 4 people have reported within the last month.
I am going to scan one of the computers using malwarebytes,. Your suggestions are appreciated.
0
Comment
Question by:netcomp
6 Comments
 
LVL 10

Expert Comment

by:Sam Simon Nasser
ID: 40027739
i suggest to run a malware scan on the reported computers.
question: what is your blocking policy or software? i.e. SQUID or TMG? cause the website redirect to www.blocked-website.com .. i tried accessing it but it gives an error as well
blocked.jpg
0
 
LVL 10

Accepted Solution

by:
Rafael earned 500 total points
ID: 40027757
I noticed from your screen shot that you're using OPEN DNS. You need to log into the Open DNS portal for your company and see if you're blocking or controlling these sites through DNS.
0
 
LVL 24

Expert Comment

by:Mohammed Hamada
ID: 40036971
It might be a spyware, try to check your host file if there's anything there or run malwarebaytes.
0
 
LVL 1

Author Comment

by:netcomp
ID: 40039751
You were right. Our DNS servers were pointing to Open DNS. For some reason the old IT admin had are DNS forwarders pointed to Open DNS. I am not sure why he had done that. I replaced it with the ones from our ISP and the issue looks resolved.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question