Subratam.org blocked by NIS2009

Discussion in 'other security issues & news' started by bigc73542, Sep 23, 2008.

Thread Status:
Not open for further replies.
  1. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Whenever I try to access Subs with Internet Explorer running NIS2009 it blocks it. whenever I try to access anything on the forum it blocks it. Here is a screen shot of the alert. when I go to info on the alert it says there is an instance of "banco" in the downloads section I left a message on Subs phone concerning this but in the mean time quite a few people could be getting the wrong idea about the forum. Since subratams is definatly not malicious this has got to be an FP.
     
  2. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,924
    Location:
    U.S.A.
    bigc73542, I don't have NIS2009 and can visit subratam.org without any problems but when trying to access the same URL posted on the alert, I get the error below. Thought you should know.
     

    Attached Files:

  3. Wake2

    Wake2 Registered Member

    Joined:
    Apr 30, 2005
    Posts:
    205
    Hi bigc,

    I am running NIS 2009 and had same results as JRViejo trying to use the link shown in the NIS alert.

    However if I go directly to hxxp://forums.subratam.org. works fine with no blocked alerts.

    Wake
     
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    The posted URL is a private forum section, however, it is no different than any other sub-forum at Subratam's.

    That warning sounds like a site advisor type alert and not a realtime scan finding malicious content in the webpages themselves. As a spyware cleaning forum, it's possible someone link to or uploaded a file sample for the malware banco, and that is what was found or reported, and why the website is blocked by NIS now.

    It'd be nice to know "exactly" what file NIS is referring to, as it could even be a false positive detection on one of the many spyware cleaning tools hosted at Subratam's.
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    What ever the problem real or false positive it has already been fixed. Subratams is no longer being blocked :D :D When it was being blocked I accessed the file is said the Banco was residing in and It was in the download section and was something like iefix or infix and when I clicked the link to the file it did open a download box for that file but It blocked it as soon as it opened. If it would have allowed the download box to remain I would have taken a screen shot but the alert box had it covered and I couldn't get it to move.

    Well it is blocked again
     
    Last edited: Sep 23, 2008
  6. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Thanks Lowwatermark. I appreciate you finding out what the problem is. unfortunatly the site is still being blocked. It would be nice if the web sense module would get it stuff together. I like it but it seems to still need a bit of work.
     
  7. subratam

    subratam Registered Member

    Joined:
    Nov 14, 2003
    Posts:
    1,310
    Location:
    Issaquah, WA
  8. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I am pleased that the problem has been discovered. I just didn't wan't anyone that didn't know what was going on to get the wrong idea as to why the site is blocked when useing IE7 or FF along with NIS2009 and web safe. Unfortunatly it is still being blocked. Hopefully this will be corrected soon.
     
Loading...
Thread Status:
Not open for further replies.