Last Updated: 2010-04-30 15:05:43 UTC
by Kevin Liston (Version: 1)
So you’ve just spent your morning digging through web proxy logs figuring out how one of your users managed to get infected with the latest rehash of FakeAV and you’ve got a handful of malicious URLs that you need to block on your perimeter. Let’s also suppose that you hold some goodwill towards your fellow sysadmin and wish to help stop further damage. Where do you start?
Depending on what vendor you use to manage your web proxy filters, you may be helping out by simply protecting yourself. That information should bubble up to their other customers and expand protection. Another way to help smaller organizations and individuals is to share this information with free security solutions.
Google Safe Browsing
Get the biggest bang for your buck by leveraging the Google Search engine which many folks rely on to save them from exposure to typo-squatters and other badness. URLs can be submitted here: http://www.google.com/safebrowsing/report_badware/
Although it’s advertised as web protection for your children, I find it works for parents and grandparents too. You can submit URLs and classify them here: http://www1.k9webprotection.com/support/check-site-rating.php
If you have an OpenDNS account you can submit a domain for tagging as malicious via their dashboard.
If you have a favorite list for submitting the results of your malware research, please leave a comment below.