Has anyone tried...Zulu?

Discussion in 'other anti-malware software' started by Dermot7, Feb 4, 2012.

Thread Status:
Not open for further replies.
  1. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
  2. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,228
    Location:
    North Texas
    Dermot7....you're our source!:ninja:
     
  3. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
  4. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Thanks guys, yeah I gave it a spin earlier, and it looked interesting. At least, looks like another useful tool in the "holster". Thanks ZScaler! :thumb:
     
  5. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Nope, never heard of it before. Will add, thanks.
     
  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Okay, here is the judgement: TESTED with a personal website with no javascript, flash, php, etc, just plain HTML :eek: :eek: :eek:

    ==> suspicious domain name MEDIUM RISK
    (Plain Dutch text, hosted at the second largest service in NL, off course it is suspicious, Dutch/Flamish is only spoken by 20 million people, so it has to be suspicious on a world population scale :oops: :oops: :oops: )

    ==> netblock size HIGH RISK
    (off course it is small, it is the only address :ouch: :ouch: :ouch: )


    DRAW YOUR OWN CONCLUSION
     
    Last edited: Feb 5, 2012
  7. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    :blink: :blink: Well that's an "eye-opener"...Thanks for testing Kees1958! :)
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yep, the current level is diagnostics, it needs to add intelligence by relating individual facts to each other. But it is their first release. So let's wait and see how it develops.
     
  9. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
  10. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Yes I saw it couple of weeks ago but forgot to bookmark then. But now it's bookmarked for sure. :thumb:

    Perhaps it's time to creat a thread with a list of URL scanning services? :)
     
  11. bearbottoms

    bearbottoms Registered Member

    Joined:
    Aug 2, 2008
    Posts:
    9
    Location:
    USA
    It lists my freeware website as suspicious also. Plain html, no ads, no monetization of any kind and simply links to some of the best freeware. WOT, AVG, and Dr. Web all list my site as safe. Draw your own conclusions.
    http://bearware.info
    o_O
     
  12. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
  13. bearbottoms

    bearbottoms Registered Member

    Joined:
    Aug 2, 2008
    Posts:
    9
    Location:
    USA
    I've already started

    URLVoid
    http://www.urlvoid.com/

    AVG LinkScanner
    http://www.avgthreatlabs.com/sitereports/

    Dr Web Online Scan
    http://online.drweb.com/?url=1

    WOT
    http://www.mywot.com/

    Norton
    http://safeweb.norton.com/

    OnLineLinkScan
    http://onlinelinkscan.com/

    Sucuri
    http://sitecheck.sucuri.net/scanner/

    Quttera
    http://www.quttera.com/
     
  14. bearbottoms

    bearbottoms Registered Member

    Joined:
    Aug 2, 2008
    Posts:
    9
    Location:
    USA
  15. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Best bet is to email them with your complaint?
     
  16. bearbottoms

    bearbottoms Registered Member

    Joined:
    Aug 2, 2008
    Posts:
    9
    Location:
    USA
    I did email them with a complaint. Their reply was unforgiving. I've emailed several protests since and they have refused to reply. I will send no more.

    The service is a joke.

    You can check my website out for yourself http://bearware.info ...and just tell me what is suspicious about it.

    The service is a joke.
     
  17. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Ah...that's bad news...very poor service from them :thumbd:
    Sorry to hear that, your stance is understandable now.
     
  18. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,122
    I reanalyze your site and it now has a status of "Benign" with a green color. Give it some time to improve.
     
  19. bearbottoms

    bearbottoms Registered Member

    Joined:
    Aug 2, 2008
    Posts:
    9
    Location:
    USA
    Some funny stuff is going on here. The link I posted in reply to Dermot7 tonight showed suspicious with a 52/100 rating which I ran seconds before I posted the link.
    http://zulu.zscaler.com/seen/74127b6...ebd-1335705122 (which is now dead)

    I just resubmitted my site for 'their' evaluation and now it shows Benign but with a 32/100 rating. The site is a joke.

    http://zulu.zscaler.com/seen/74127b6d44d3cc07efa02493023dfebd-1338428762

    I meticulously check each program and link thoroughly before I list any program and routinely verify the links in case something changes. Not only do I personally verify the quality of each program listed, I refer to WOT, URLVoid, AVG LinkScanner, Dr Web Online Scan, Norton, OnLineLinkScan, Sucuri, and Quttera for their visitor reviews and evaluation of the links I post in my repository to insure that only links with integrity are listed. What Zulu is doing is a joke. I have worked with the likes of this since 1980 and can spot a rat a mile away.
     
    Last edited: May 30, 2012
  20. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Well they improved Dutch site dropped from 42/100 to 30/100, simular site in English only rated 18/100. So they seem to improved on FP's (and the criteria they use leading to the possible FP's seem to be generally accepted in the security business). :thumb:


    Explanation: Some characteristics of small sites are now an indication for spamming/malware related sites.
    I am also getting no more Spam reports anymore because I have two sites with small netblock sizes, as many small companies will have. Apparently this is industry standard 'classification'. It is a bit one-dimensional to draw these conclusions (like calling all People from Alaska stupid because Sarah Palin thinks Africa is a country), but they are not the only ones doing this.
     
  21. bearbottoms

    bearbottoms Registered Member

    Joined:
    Aug 2, 2008
    Posts:
    9
    Location:
    USA
    I resubmitted my site for their check again tonight - now 40/100:
    http://bearware.info/screenshots/Re...re.info- - Zscaler Zulu URL Risk Analyzer.png

    Like I said, there is nothing nefarious about my site at all and even though they say now that my site is benign, it still flags a "Top Level Domain" as risky of 20/100 and "ZScaler IP reputation" as risky 13/100. This is absolute bull crap as you can check for yourself http://bearware.info.

    http://zulu.zscaler.com/submission/show/74127b6d44d3cc07efa02493023dfebd-1338609503
     
Thread Status:
Not open for further replies.