Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 4257 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

URL Categorization

trialrider
Hi there,

Why does trustedsource.org categorize ezthemes(dot)com as "Malicious Sites" and "PUP" and not our ASG? The clients AV blocked access...

Log file shows lines like this: 
url="www.ezthemes.com/.../jpeg"


We don't block access depending on a sites reputation. So I can image there're more false friends...

Can someone explain that behaviour of the ASG?
-- 
Kind regards

Steffen


This thread was automatically locked due to age.
Parents
  • 0
    Those all look correct to me.  Nothing was blocked because of reputation="malicious". One jpg was blocked for categoryname="Provocative Attire".
    I don't know why the AV on the client thought entermilkywayncc1701d.jpg has a virus.  Maybe their AV has some settings that make it extra careful with jpegs?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Those all look correct to me.  Nothing was blocked because of reputation="malicious". One jpg was blocked for categoryname="Provocative Attire".
    I don't know why the AV on the client thought entermilkywayncc1701d.jpg has a virus.  Maybe their AV has some settings that make it extra careful with jpegs?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    Hi Bob,

    you're right but the problem is that trustedsource.org/McAfee categotizes the URL as Malicious Site and PUP.

    So why it's shown as Entertainment in my log, if Astaro uses McAfee's database? See the attached picture. The AV software on the client bocked all traffic from/to the URL.
    -- 
    Kind regards,

    Steffen