Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Rndom internet sites redirected to page with error about being blokced by firewall

Posted on 2014-04-28
6
Medium Priority
?
310 Views
Last Modified: 2014-06-04
We have about 70 users. Every now and then some users have reported that the get redirected to webpage that says your Firewall is blocking this site. I have attached an image of the browser page. When I looked at the attached screen shoot it seems like it is being directed to blocked-wescreenshootbsite.com and the error is fake. I am not sure if all users are effected or not since the users that have reported this tell me that it does not happen all the time. This primary happens on knows sites such as youtube, facebook.....
I wonder if there is a common software on their computer that has caused this.
We have Viper antivirus and have a Cisco asa 5505 firewall. I wonder how I could to see if there are others with the same issue. Only 4 people have reported within the last month.
I am going to scan one of the computers using malwarebytes,. Your suggestions are appreciated.
0
Comment
Question by:netcomp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Expert Comment

by:Sam Simon Nasser
ID: 40027739
i suggest to run a malware scan on the reported computers.
question: what is your blocking policy or software? i.e. SQUID or TMG? cause the website redirect to www.blocked-website.com .. i tried accessing it but it gives an error as well
blocked.jpg
0
 
LVL 10

Accepted Solution

by:
Rafael earned 2000 total points
ID: 40027757
I noticed from your screen shot that you're using OPEN DNS. You need to log into the Open DNS portal for your company and see if you're blocking or controlling these sites through DNS.
0
 
LVL 24

Expert Comment

by:Mohammed Hamada
ID: 40036971
It might be a spyware, try to check your host file if there's anything there or run malwarebaytes.
0
 
LVL 1

Author Comment

by:netcomp
ID: 40039751
You were right. Our DNS servers were pointing to Open DNS. For some reason the old IT admin had are DNS forwarders pointed to Open DNS. I am not sure why he had done that. I replaced it with the ones from our ISP and the issue looks resolved.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
In this article, we’ll look at how to deploy ProxySQL.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question