Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 28 subscribers
  • Views 1553 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problems with submitting an URL

TheBalmasque

Hi,

 

i got a problem with submitting an URL (only IP Addresses) on the support platform:

https://secure2.sophos.com/en-us/support/submit-a-sample.aspx

 

When i enter the following malicious URL i got an "Access Denied" error: (see screenshot)

htt(p)://178.62.63.119/ [Path Removed]

 

 

This error only(!) occurs when i try to submit an IP-Adress. Other URLs work without any problems.

 

 

BTW: I think Sophos should do it the same way like the "trustedsource.org" portal from McAfee. As an administrator it is easy to see if an URL is already categorized correct. On the sophos portal i can not check if an URL is already categorized. So also please vote for my idea on the Sophos Ideas Platform: [Y]

https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/32557672-url-feedback-enhancement

 

EDIT: Michael Dunn removed path from sample URL, as it linked to malware.



This thread was automatically locked due to age.
  • 0

    About your Feature Request.

    XG has this right now in product.

    So basically instead of using a Website, you could use the Appliance to get the current category. 

     

    This other issue seems to be a backend Issue...

    I am not sure, could you try another Browser etc? 

  • 0 in reply to LuCar Toni

    Hi,

     

    i know there is already the possibiltiy to check urls wihinin the XG console. But at work i'm still on the UTM.^^ So when i'm detecting a malicous URL for example, it would be nice to see if it is already categorized for XG. Also some websites are categorized not correct. It would be easier to see the actual website category on the platform. Same like in trustedsource from McAfee. [;)]

     

    @Problem: I' am using Google Chrome but with Firefox i can reproduce the issue.

  • 0

    I could not reproduce it when I tried, with that specific URL, in FF and Edge.  They all submitted normally.

    However I have reported the issue internally.

     

    Please note that it did link to malware, so I have edited the link in the original post.

     

    Currently (and for the last ~24 hours) that site should be classified as Hacking.

     

    When you tried to submit, was it uncategorized?

  • 0 in reply to Michael Dunn

    Hi,

    here is my reply i already send to your colleague via PM:

     

    I now tested it on my home pc. There are no problems with submitting ip-adresses, so this could be an error with the UTM proxy at work. I need to look in the log files when I'm back at work. (next wendsday)

     

    When you tried to submit, was it uncategorized?

    I don't know at that moment because i was at work were i still use the good old UTM. This is the reason i put in my feature request. Because it should be easier (without the need to log in the xg console) to see if an url is already classified. [:D]

    If there are problems with publishing the classification data in the web, Sophos could limit it only for logged in users. [H]