Re: Blocking phishing URL's

["Stein, Nico Alexander" <STEINN () CUA EDU>]

Since there was some interest how we utilize our Packetlogic to block phishing links I wrote up a small how-to.


https://www.dropbox.com/s/qv47iqnq11uisah/Blocking%20websites%20with%20PacketLogic%20-%20Netman.docx



Regards,
Nico A. Stein
Network Administrator
The Catholic University of America
202-319-6416


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ullman, 
Catherine
Sent: Monday, December 02, 2013 1:15 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Blocking phishing URL's

Thanks.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Stein, 
Nico Alexander
Sent: Monday, December 02, 2013 10:36 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Blocking phishing URL's

We are using our Packetshaper  (Packetlogic) to redirect users to a landing page on campus alerting them they have 
clicked on a phishing link. It's a manual process, but I set up a rule and only need to add the url. Works pretty well, 
plus I see how many hits the rule gets.

Nico



Regards,
Nico A. Stein
Network Administrator
The Catholic University of America
202-319-6416



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ullman, 
Catherine
Sent: Monday, December 02, 2013 10:17 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Blocking phishing URL's

Greetings!

I've been asked to investigate what other institutions are doing to block access to URL's at the edge (i.e. block 
connections when people click on a URL, despite virtual hosting or fastflux DNS).

Feel free to respond privately.  Thanks.

Best,
Cathy


Dr. Catherine J Ullman
Information Security Analyst
Information Security Office
University at Buffalo
cende () buffalo edu<mailto:cende () buffalo edu>