Solved

Rndom internet sites redirected to page with error about being blokced by firewall

Posted on 2014-04-28
6
301 Views
Last Modified: 2014-06-04
We have about 70 users. Every now and then some users have reported that the get redirected to webpage that says your Firewall is blocking this site. I have attached an image of the browser page. When I looked at the attached screen shoot it seems like it is being directed to blocked-wescreenshootbsite.com and the error is fake. I am not sure if all users are effected or not since the users that have reported this tell me that it does not happen all the time. This primary happens on knows sites such as youtube, facebook.....
I wonder if there is a common software on their computer that has caused this.
We have Viper antivirus and have a Cisco asa 5505 firewall. I wonder how I could to see if there are others with the same issue. Only 4 people have reported within the last month.
I am going to scan one of the computers using malwarebytes,. Your suggestions are appreciated.
0
Comment
Question by:netcomp
6 Comments
 
LVL 10

Expert Comment

by:Sam Simon Nasser
ID: 40027739
i suggest to run a malware scan on the reported computers.
question: what is your blocking policy or software? i.e. SQUID or TMG? cause the website redirect to www.blocked-website.com .. i tried accessing it but it gives an error as well
blocked.jpg
0
 
LVL 10

Accepted Solution

by:
Rafael earned 500 total points
ID: 40027757
I noticed from your screen shot that you're using OPEN DNS. You need to log into the Open DNS portal for your company and see if you're blocking or controlling these sites through DNS.
0
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 40036971
It might be a spyware, try to check your host file if there's anything there or run malwarebaytes.
0
 
LVL 1

Author Comment

by:netcomp
ID: 40039751
You were right. Our DNS servers were pointing to Open DNS. For some reason the old IT admin had are DNS forwarders pointed to Open DNS. I am not sure why he had done that. I replaced it with the ones from our ISP and the issue looks resolved.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now