Which Type Of Sites Are Suitable For Blacklisting

[Chiron]

Hello, I wasn't exactly sure where to post this so I'm posting it in this section. Please move it if this is the wrong section for this type of question.

I have written an article about How to Report Dangerous Sites. It can be found on this page:
http://www.techsupportalert.com/cont...s-websites.htm

I am trying to make sure that I have assigned these services to the correct categories. Thus, I would like to get some more information.

What type of dangerous sites can be reported to Eset and what is done with those reported sites? Does Eset accept malicious sites, phishing sites, sites promoting hate, etc...? What type of sites can be reported?

Thank you.

[dwomack]

ESET will accept any files or URLs to our Labs for inspection. Of course the Virus labs are only going to check the site for malware such as malicious code, viruses, trojans, adware, etc. Due to the number of samples sent to the Virus Labs each day, they aren't always able to respond with more information but to check the status, a user only has to have ESET installed and attempt to access the website.

[Chiron]

So does this mean that only malicious sites will be blacklisted? Phishing sites, etc will not be blacklisted.

Is this correct?

[agoretsky]

Hello,

ESET's primary focus in blacklisting is to block sites hosting code that is malicious, or at least potentially unwanted. That said, sites involved in other cybercrime ecosystem are investigated as as well, and can be submitted to the virus lab*.

Regards,

Aryeh Goretsky

*Technically speaking, it's more of a malware and cybercrime research lab these days, but the naming is something of a holdover from when ESET started, and classic computer viruses were what they saw.

[Chiron]

Quote:

Originally Posted by agoretsky

Hello,

ESET's primary focus in blacklisting is to block sites hosting code that is malicious, or at least potentially unwanted. That said, sites involved in other cybercrime ecosystem are investigated as as well, and can be submitted to the virus lab*.

Regards,

Aryeh Goretsky

*Technically speaking, it's more of a malware and cybercrime research lab these days, but the naming is something of a holdover from when ESET started, and classic computer viruses were what they saw.

Okay, so if I submit a phishing site to ESET will they analyze it and add it to their database?

[agoretsky]

Hello,

Yes, but keep in mind that phishing sites tend to have a very short lifetime.

Regards,

Aryeh Goretsky

Quote:

Originally Posted by Chiron

Okay, so if I submit a phishing site to ESET will they analyze it and add it to their database?

[Chiron]

Quote:

Originally Posted by agoretsky

Hello,

Yes, but keep in mind that phishing sites tend to have a very short lifetime.

Regards,

Aryeh Goretsky

Thank you.

[Chiron]

Actually, I have one more question.

What is the easiest way for non-ESET users to find out if a site is already blocked by ESET? This way everyone can help to make the internet a safer place, regardless of whether they use a certain product or not.

[SweX]

Quote:

Originally Posted by Chiron

Actually, I have one more question.

What is the easiest way for non-ESET users to find out if a site is already blocked by ESET? This way everyone can help to make the internet a safer place, regardless of whether they use a certain product or not.

Hi Chiron.

Unfortunately afaik there is no way to do that at the moment

Though personally I would like ESET to start a "portal" where users could report FP's, or send in undetected URL's, files etc via a feedback form or similar.
As I feel that would be easier than sending an email wich is the recommended way of reporting right now.

And maybe even be able to check the current reputation of an URL.

Who knows maybe they got plans for a portal like that?

[Chiron]

Quote:

Originally Posted by SweX

Hi Chiron.

Unfortunately afaik there is no way to do that at the moment

Though personally I would like ESET to start a "portal" where users could report FP's, or send in undetected URL's, files etc via a feedback form or similar.
As I feel that would be easier than sending an email wich is the recommended way of reporting right now.

And maybe even be able to check the current reputation of an URL.

Who knows maybe they got plans for a portal like that?

Thank you.

[SweX]

Quote:

Originally Posted by Chiron

Thank you.

You're welcome, Chiron