Solved

Rndom internet sites redirected to page with error about being blokced by firewall

Posted on 2014-04-28
6
307 Views
Last Modified: 2014-06-04
We have about 70 users. Every now and then some users have reported that the get redirected to webpage that says your Firewall is blocking this site. I have attached an image of the browser page. When I looked at the attached screen shoot it seems like it is being directed to blocked-wescreenshootbsite.com and the error is fake. I am not sure if all users are effected or not since the users that have reported this tell me that it does not happen all the time. This primary happens on knows sites such as youtube, facebook.....
I wonder if there is a common software on their computer that has caused this.
We have Viper antivirus and have a Cisco asa 5505 firewall. I wonder how I could to see if there are others with the same issue. Only 4 people have reported within the last month.
I am going to scan one of the computers using malwarebytes,. Your suggestions are appreciated.
0
Comment
Question by:netcomp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Expert Comment

by:Sam Simon Nasser
ID: 40027739
i suggest to run a malware scan on the reported computers.
question: what is your blocking policy or software? i.e. SQUID or TMG? cause the website redirect to www.blocked-website.com .. i tried accessing it but it gives an error as well
blocked.jpg
0
 
LVL 10

Accepted Solution

by:
Rafael earned 500 total points
ID: 40027757
I noticed from your screen shot that you're using OPEN DNS. You need to log into the Open DNS portal for your company and see if you're blocking or controlling these sites through DNS.
0
 
LVL 24

Expert Comment

by:Mohammed Hamada
ID: 40036971
It might be a spyware, try to check your host file if there's anything there or run malwarebaytes.
0
 
LVL 1

Author Comment

by:netcomp
ID: 40039751
You were right. Our DNS servers were pointing to Open DNS. For some reason the old IT admin had are DNS forwarders pointed to Open DNS. I am not sure why he had done that. I replaced it with the ones from our ISP and the issue looks resolved.
0

Featured Post

Scamming the Scammers!

Have you ever heard of Scam Baiting?
It's a highly entertaining sport that you can participate in.
Introduction to beating scammers at their own game and how you can help
Share your thoughts, ideas and experiences on the topic.
Links to top Anti-Scam resources provided.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question