Imon (website access blocking)


marcromero
June 8th, 2006, 07:16 PM
Imon> Setup> Miscellaneous> Website Access Blocking. Lists known websites containing malicious files updated by vendor. Is this a type of host file? If so, where can I find this list?

Blackspear
June 8th, 2006, 07:17 PM
{QUOTE-> Imon> Setup> Miscellaneous> Website Access Blocking. Lists known websites containing malicious files updated by vendor. Is this a type of host file? If so, where can I find this list? <-QUOTE}

As far as I know this is maintained by Eset and comes down like an update/or part of an update.

Cheers ;D

marcromero
June 8th, 2006, 07:31 PM
It would appear so, sure would like to know more about it, cannot seem to find any detailed information.

Blackspear
June 8th, 2006, 07:50 PM
{QUOTE-> ...sure would like to know more about it, cannot seem to find any detailed information. <-QUOTE}

We'll have to wait for Marcos or one of the Eset guys to come along with further details.

Cheers ;D

i_kenefick
June 8th, 2006, 08:28 PM
{QUOTE-> Imon> Setup> Miscellaneous> Website Access Blocking. Lists known websites containing malicious files updated by vendor. Is this a type of host file? If so, where can I find this list? <-QUOTE}

IMON sits at Winsock (in the LSP chain) and intercepts the HTTP traffic. As soon as you attempt to visit xyz.com it redirects you to the warning page. So a little 'lower' than the host file and not configurable by the user, i.e. just enable or disable this feature.

pykko
June 9th, 2006, 07:21 AM
for example this list contains all (or approximately all) the websites containing the Trojan.Downloader.Zlob variants. ;)

i_kenefick
June 9th, 2006, 07:50 AM
{QUOTE-> for example this list contains all (or approximately all) the websites containing the Trojan.Downloader.Zlob variants. ;) <-QUOTE}

Yeah ;)

rothko
June 10th, 2006, 04:06 AM
{QUOTE-> Imon> Setup> Miscellaneous> Website Access Blocking. Lists known websites containing malicious files updated by vendor. Is this a type of host file? If so, where can I find this list? <-QUOTE}

I asked the same question here: http://www.wilderssecurity.com/showpost.php?p=418965&postcount=137. The answer was no, you can't see the list.

webyourbusiness
June 11th, 2006, 12:38 PM
I've never even seen the warning - if someone knows at least ONE of the sites that generates it, please post a screenshot of the screen we'll see - also - just make sure you obscure the actual link of the site, as posting links to malware or suspected malware is against the TOS of this forum.

cheers

Greg

Brian N
June 11th, 2006, 12:40 PM
{QUOTE-> I've never even seen the warning - if someone knows at least ONE of the sites that generates it, please post a screenshot of the screen we'll see <-QUOTE}
Go to v-codec.com and see for yourself ;)
And it will pop up with this: http://www.wilderssecurity.com/showpost.php?p=766812&postcount=81

berng
June 11th, 2006, 01:16 PM
I have the Web site block option set but NOD 32 doesn't block me from getting to the site.

Marcos
June 11th, 2006, 01:28 PM
{QUOTE-> I have the Web site block option set but NOD 32 doesn't block me from getting to the site. <-QUOTE}

What site do you mean? If it's actually in the blacklist, access to it must be blocked unless you have the HTTP scanner disabled.

ASpace
June 11th, 2006, 03:39 PM
{QUOTE-> I have the Web site block option set but NOD 32 doesn't block me from getting to the site. <-QUOTE}


Internet Explorer, Mozilla or what browser do you use?
And what site are we talking about? :)

Brian N
June 11th, 2006, 03:41 PM
v-codec.com probably ...........

ASpace
June 11th, 2006, 03:42 PM
{QUOTE-> v-codec.com probably ........... <-QUOTE}

Yeah, but p r o b a b l y ;D ;) ;D

i_kenefick
June 11th, 2006, 04:00 PM
{QUOTE-> Internet Explorer, Mozilla or what browser do you use?
And what site are we talking about? :) <-QUOTE}

Since IMON is browser independent, it doesn't make a difference what browser he/she is using.

ASpace
June 11th, 2006, 04:07 PM
{QUOTE-> Since IMON is browser independent, it doesn't make a difference what browser he/she is using. <-QUOTE}

I know that, but sometimes on some computers when Mozilla Firefox is in use, IMON doesn't detect the Eicar test file (www.eicar.org).
It is detected only by AMON, which is strange.

Note it is only sometimes and not on all computers I know.

i_kenefick
June 11th, 2006, 04:24 PM
{QUOTE-> I know that, but sometimes on some computers when Mozilla Firefox is in use, IMON doesn't detect the Eicar test file (www.eicar.org).
It is detected only by AMON, which is strange. <-QUOTE}

This happens if SSL is used to get eicar from www.eicar.org.

Brian N
June 11th, 2006, 04:25 PM
{QUOTE-> I know that, but sometimes on some computers when Mozilla Firefox is in use, IMON doesn't detect the Eicar test file (www.eicar.org).
It is detected only by AMON, which is strange.

Note it is only sometimes and not on all computers I know. <-QUOTE}

All they gotta do is change higher compatibility to higher efficiency in IMON. Done deal.
SSL can't be scanned, obviously.

FirePost
June 11th, 2006, 04:53 PM
One must have higher efficiency set to have the sites blocked. That does not make sense. It is website blocking not individual files. It does explain why some people were able to access the sites.

ASpace
June 11th, 2006, 05:05 PM
{QUOTE-> This happens if SSL is used to get eicar from www.eicar.org. <-QUOTE}

I am not talking about SSL. I know that SSL is not being scanned.

Maybe Brian's suggestion would work, but as I said this happens just sometimes and just on Firefox.

berng
June 11th, 2006, 06:13 PM
{QUOTE-> Internet Explorer, Mozilla or what browser do you use?
And what site are we talking about? :) <-QUOTE}

It is v-codec.com using Opera 9 Beta Ver 8473.

Brian N
June 12th, 2006, 01:31 AM
It blocks that site here in Firefox, IE & Opera. I don't use other browsers so can't comment on those :)
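
Added example, not part of the thread and not ESET's code: a sketch of the stream-level behaviour the posts above describe, where a filter sitting between the browser and the network reads the plaintext HTTP request, answers blocklisted hosts with a warning page regardless of browser, and cannot see the host when the first bytes are an SSL/TLS record. The blocklist entry `blocked.example`, the warning page and the sample byte strings are constructed for illustration.

```python
# Added illustration; not ESET code. Blocklist entry and sample bytes are constructed.
BLOCKLIST = {"blocked.example"}
WARNING_PAGE = (b"HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\n"
                b"Connection: close\r\n\r\n<h1>Access to this site is blocked</h1>")

def http_host(first_bytes):
    """Return the lowercased Host header of a plaintext HTTP request, or None."""
    head, _, _ = first_bytes.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    # The request line must look like "METHOD target HTTP/x.y".
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return None
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if colon and name.strip().lower() == b"host":
            host = value.strip().decode("ascii", "replace").lower()
            # Drop an optional ":port" suffix (IPv6 literals are not handled here).
            return host.rsplit(":", 1)[0] if ":" in host else host
    return None

def is_blocked(host):
    """Match the host itself or any parent domain against the blocklist."""
    labels = host.rstrip(".").split(".")
    return any(".".join(labels[i:]) in BLOCKLIST for i in range(len(labels)))

def filter_stream(first_bytes):
    """Decide what a stream-level filter does with the first bytes a client sends."""
    # A TLS record starts with content type 0x16 (handshake) and major version 3;
    # this filter does not parse it, so the request inside stays invisible.
    if first_bytes[:2] == b"\x16\x03":
        return ("opaque", None)
    host = http_host(first_bytes)
    if host is not None and is_blocked(host):
        return ("block", WARNING_PAGE)
    return ("pass", None)

# Constructed samples: a plaintext request and the start of a TLS handshake record.
PLAIN = b"GET /setup.exe HTTP/1.1\r\nHost: www.blocked.example\r\nUser-Agent: test\r\n\r\n"
TLS = bytes([0x16, 0x03, 0x01, 0x00, 0x2E, 0x01]) + b"\x00" * 45

if __name__ == "__main__":
    for label, data in (("plain HTTP", PLAIN), ("TLS", TLS)):
        print(label, "->", filter_stream(data)[0])
```

Unlike a hosts file, which acts at name resolution, this decision is made on the request bytes themselves, which is why it depends on the HTTP stream being readable.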