Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Blocking phishing URL's
From: "Maloney, Michael" <mmaloney () MIDDLESEXCC EDU>
Date: Mon, 2 Dec 2013 16:54:56 +0000

While not the most efficient way to do it, it has worked for large majority of the phishing we get.  I create a zone in 
DNS, and set the hostnames in the URL to point to  It won't work for stuff housed at say Google Docs,  but 
it's been pretty effective here.

A downside to this (or any method at the edge), is there is no way to block them when someone accesses their mail 
remotely (ie web based mail)

Mike Maloney
Sr. System Engineer
Middlesex County College
2600 Woodbridge Avenue
Edison, NJ 08818
Phone: 732-906-7754
Cell: 908-217-2086
Fax: 732-906-4266
Email: mmaloney () middlesexcc edu<mailto:mmaloney () middlesexcc edu>

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ullman, 
Sent: Monday, December 02, 2013 10:17 AM
Subject: [SECURITY] Blocking phishing URL's


I've been asked to investigate what other institutions are doing to block access to URL's at the edge (i.e. block 
connections when people click on a URL, despite virtual hosting or fastflux DNS).

Feel free to respond privately.  Thanks.


Dr. Catherine J Ullman
Information Security Analyst
Information Security Office
University at Buffalo
cende () buffalo edu<mailto:cende () buffalo edu>

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]