Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
IDS flags Blackhole on site, others give clean....avast webshield protects
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: IDS flags Blackhole on site, others give clean....avast webshield protects (Read 1558 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33920
malware fighter
IDS flags Blackhole on site, others give clean....avast webshield protects
«
on:
May 16, 2012, 12:00:06 AM »
Hi forum friends,
See:
http://zulu.zscaler.com/submission/show/a85c1235f6198e18d8c64d3665d103bd-1337118425
a green 15/100 benign (reported there)
http://urlquery.net/report.php?id=55898
flags ET CURRENT_EVENTS Blackhole Landing for prototype catch substr
Discussion of mentioned Emergingthreats sigs for ET CURRENT_EVENTS Possible Request for Blackhole Landing Page (class type:trojan-activity)
-> :
http://permalink.gmane.org/gmane.comp.security.ids.snort.emerging-sigs/16217
(rules given by Kevin Ross)
IDS rules can only be used as additional form of protection and need a fully scaled JS interpreter installed as well next to it.
Malware is flagged as unknown_html_google_malware, but google safebrowsing now gives it as safe.
But the avast webshield flags this as JS:Blacole-K[Trj]
Again my good forum friends we are being protected here by the avast webshield!
polonus
«
Last Edit: May 16, 2012, 01:10:50 AM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Lisandro
Avast team
Certainly Bot
Posts: 67194
Re: IDS flags Blackhole on site, others give clean....avast webshield protects
«
Reply #1 on:
May 16, 2012, 12:55:01 AM »
Thanks for the heads up Polonus
Logged
The best things in life are free.
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
IDS flags Blackhole on site, others give clean....avast webshield protects