Discussion in 'other anti-malware software' started by Dermot7, Feb 4, 2012.
Dermot7....you're our source!
Thanks guys, yeah I gave it a spin earlier, and it looked interesting. At least, looks like another useful tool in the "holster". Thanks ZScaler!
Nope, never heard of it before. Will add, thanks.
==> suspicious domain name MEDIUM RISK
(Plain Dutch text, hosted at the second largest service in NL, off course it is suspicious, Dutch/Flamish is only spoken by 20 million people, so it has to be suspicious on a world population scale )
==> netblock size HIGH RISK
(off course it is small, it is the only address )
DRAW YOUR OWN CONCLUSION
Well that's an "eye-opener"...Thanks for testing Kees1958!
Yep, the current level is diagnostics, it needs to add intelligence by relating individual facts to each other. But it is their first release. So let's wait and see how it develops.
I threw a site url at it that was recently listed on MDL. MDL had the site listed as "redirects to Blackhole exploit kit". Here's the result-
Yes I saw it couple of weeks ago but forgot to bookmark then. But now it's bookmarked for sure.
Perhaps it's time to creat a thread with a list of URL scanning services?
It lists my freeware website as suspicious also. Plain html, no ads, no monetization of any kind and simply links to some of the best freeware. WOT, AVG, and Dr. Web all list my site as safe. Draw your own conclusions.
I've already started
Dr Web Online Scan
That is a joke right?
My site is plain html, no ads, no monetization of any kind and simply links to some of the best freeware. WOT, AVG, and Dr. Web all list my site as safe. Draw your own conclusions. It rates my site as suspicious with 52/100. The service is a joke.
Best bet is to email them with your complaint?
I did email them with a complaint. Their reply was unforgiving. I've emailed several protests since and they have refused to reply. I will send no more.
The service is a joke.
You can check my website out for yourself http://bearware.info ...and just tell me what is suspicious about it.
The service is a joke.
Ah...that's bad news...very poor service from them
Sorry to hear that, your stance is understandable now.
I reanalyze your site and it now has a status of "Benign" with a green color. Give it some time to improve.
Some funny stuff is going on here. The link I posted in reply to Dermot7 tonight showed suspicious with a 52/100 rating which I ran seconds before I posted the link.
http://zulu.zscaler.com/seen/74127b6...ebd-1335705122 (which is now dead)
I just resubmitted my site for 'their' evaluation and now it shows Benign but with a 32/100 rating. The site is a joke.
I meticulously check each program and link thoroughly before I list any program and routinely verify the links in case something changes. Not only do I personally verify the quality of each program listed, I refer to WOT, URLVoid, AVG LinkScanner, Dr Web Online Scan, Norton, OnLineLinkScan, Sucuri, and Quttera for their visitor reviews and evaluation of the links I post in my repository to insure that only links with integrity are listed. What Zulu is doing is a joke. I have worked with the likes of this since 1980 and can spot a rat a mile away.
Well they improved Dutch site dropped from 42/100 to 30/100, simular site in English only rated 18/100. So they seem to improved on FP's (and the criteria they use leading to the possible FP's seem to be generally accepted in the security business).
Explanation: Some characteristics of small sites are now an indication for spamming/malware related sites.
I am also getting no more Spam reports anymore because I have two sites with small netblock sizes, as many small companies will have. Apparently this is industry standard 'classification'. It is a bit one-dimensional to draw these conclusions (like calling all People from Alaska stupid because Sarah Palin thinks Africa is a country), but they are not the only ones doing this.
I resubmitted my site for their check again tonight - now 40/100:
http://bearware.info/screenshots/Re...re.info- - Zscaler Zulu URL Risk Analyzer.png
Like I said, there is nothing nefarious about my site at all and even though they say now that my site is benign, it still flags a "Top Level Domain" as risky of 20/100 and "ZScaler IP reputation" as risky 13/100. This is absolute bull crap as you can check for yourself http://bearware.info.
Separate names with a comma.