Educause Security Discussion
mailing list archives
Re: Blocking phishing URL's
From: Kevin Moll <kmoll () VALENCIACOLLEGE EDU>
Date: Mon, 2 Dec 2013 15:41:43 +0000
Would you mind sharing the rule that you have created in the Packetshaper? We have manually been adding the IP's to
our ASA but using the Packeshaper would be a much more logical solution. kmoll () valenciacollege edu<mailto:kmoll ()
valenciacollege edu> if you prefer to send privately.
Manager, Network/Server Systems
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Stein,
Sent: Monday, December 02, 2013 10:39 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Blocking phishing URL's
We are using our Packetshaper (Packetlogic) to redirect users to a landing page on campus alerting them they have
clicked on a phishing link. It's a manual process, but I set up a rule and only need to add the url. Works pretty well,
plus I see how many hits the rule gets.
Nico A. Stein
The Catholic University of America
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE
EDU]<mailto:[mailto:SECURITY () LISTSERV EDUCAUSE EDU]> On Behalf Of Ullman, Catherine
Sent: Monday, December 02, 2013 10:17 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Blocking phishing URL's
I've been asked to investigate what other institutions are doing to block access to URL's at the edge (i.e. block
connections when people click on a URL, despite virtual hosting or fastflux DNS).
Feel free to respond privately. Thanks.
Dr. Catherine J Ullman
Information Security Analyst
Information Security Office
University at Buffalo
cende () buffalo edu<mailto:cende () buffalo edu>