+Kit Fox Posted November 27, 2007 Share Posted November 27, 2007 Well this is new phenomenon. Anyone else having this problem? Link to comment
+cron Posted November 27, 2007 Share Posted November 27, 2007 Well this is new phenomenon. Anyone else having this problem? Yes, same here. I opened another thread while yours was being published. Here's my info: We are using Websense at work and this morning I see that "www.geocaching.com" is blocked. The reason is something like "malicious website". They don't provide more details. It seems you put up some javascript/ActiveX/whatever that made your site become blacklisted in the worldwide Websense database. Until this is resolved, nobody behind a Websense filter (with this category being enabled) will be able to see your site. I've been told that once the problem will be fixed, Websense will unblock the site (but that may take a couple of days afterwards). Please make sure to take actions! I can only use wap.geocaching.com at the moment... Link to comment
+SUp3rFM & Cruella Posted November 27, 2007 Share Posted November 27, 2007 Seen the database at Websense.com and saw no reference to geocaching.com. Weird... Link to comment
+DocDiTTo Posted November 27, 2007 Share Posted November 27, 2007 Well this is new phenomenon. Anyone else having this problem? Yes, same thing here. Fortunately with proxy sites like ibypass.net Websense isn't much of an issue. I was wondering whether Websense did the blocking, or whether it was just my employer... good to know it's not just me. Link to comment
+cron Posted November 27, 2007 Share Posted November 27, 2007 (edited) Well this is new phenomenon. Anyone else having this problem? Yes, same thing here. Fortunately with proxy sites like ibypass.net Websense isn't much of an issue. I was wondering whether Websense did the blocking, or whether it was just my employer... good to know it's not just me. I spoke with the security group and it's definitely coming from Websense (and he showed me the page from the Websense website that proves gc.com has been added to their database). This is all automatic, so once the problematic code has been removed, all should come back to normal. Oh, and "ibypass.net" is also blocked here... Edited November 27, 2007 by cron Link to comment
+Miragee Posted November 27, 2007 Share Posted November 27, 2007 Is this part of the problem . . . ? HTML Validator Results Link to comment
+DocDiTTo Posted November 27, 2007 Share Posted November 27, 2007 Well this is new phenomenon. Anyone else having this problem? Yes, same thing here. Fortunately with proxy sites like ibypass.net Websense isn't much of an issue. I was wondering whether Websense did the blocking, or whether it was just my employer... good to know it's not just me. I spoke with the security group and it's definitely coming from Websense (and he showed me the page from the Websense website that proves gc.com has been added to their database). This is all automatic, so once the problematic code has been removed, all should come back to normal. Oh, and "ibypass.net" is also blocked here... I always thought it was odd that our net admins blocks sites, but not the proxies that enable us to get to blocked sites... and I actually find it interesting that geocaching.com isn't flagged by websense as a "games" site -- especially since http://www.geocacher-u.com/ and gpsgames.org are both flagged as "games". Link to comment
+admo1972 Posted November 27, 2007 Share Posted November 27, 2007 We've got that websense junk at my work as well. geocaching.com is fine for me, but geochecker.com has now been blocked for a while. Makes getting those puzzle caches at lunch a bit harder... Link to comment
+StarBrand Posted November 27, 2007 Share Posted November 27, 2007 My experience with such "defenders" is that they will rarely explain why certain content/code offends them so much. I wouldn't be so quick to "blame" anybody at Geocaching.com for doing anything underhanded/malicious or threatening. Point blank ask websense what is so wrong with the code they are seeing. Link to comment
+supertbone Posted November 27, 2007 Share Posted November 27, 2007 (edited) I have websense at work too. Since I am out with a sick kid today I can't verify if my work blocks it, but I guess since others have it blocked mine probably does too. Arrrgggh. My employer has the most restrictive web policy I have ever seen. I have tried bypassing the filters before and all proxies that I have tried are blocked too. Edited November 27, 2007 by supertbone Link to comment
+SUp3rFM & Cruella Posted November 27, 2007 Share Posted November 27, 2007 I logged in Websense.com and got this Site Lookup Tool URL: http://www.geocaching.com Category: Malicious Web Sites Database version: 92931 Database date: 27 Nov 2007 If you feel this classification is INCORRECT... I felt it was INCORRECT, of course, and submitted a request for a review of the category. For me, the most appropriate category is "Social and Lifestyles: Hobbies". Still, it would be even better if geocaching.com is left out of Websense. Even if Websense removes geocaching.com from the category "Malicious Web Site", I think it will be moved to some other category... And from what I've been reading here, probably some of you will be denied access. Here's the result: Your URL submission has been received and is currently under review. Categorization updates should be available in the next scheduled publication of the database. A new database is published every business day, five days a week, Pacific Standard Time. Link to comment
+DocDiTTo Posted November 27, 2007 Share Posted November 27, 2007 I have websense at work too. Since I am out with a sick kid today I can't verify if my work blocks it, but I guess since others have it blocked mine probably does too. Arrrgggh. My employer has the most restrictive web policy I have ever seen. I have tried bypassing the filters before and all proxies that I have tried are blocked too. You could run your own proxy server on your home PC, if you have the know-how to set it up. That's what I do. There are also pay-for-access proxies that may not be blocked by Websense. I have a feeling that since gc.com is definitely in the Websense database, it's probably only a matter of time until it gets tossed into a category that's restricted by employers. Games would definitely be a no-go for many employers, Hobbies might stand a chance with a few.... Maybe you can get your network admins hooked on Geocaching so they'll want to white-list the web site! Link to comment
+Team Cotati Posted November 27, 2007 Share Posted November 27, 2007 I think that Miragee has nailed it. Link to comment
MarcusArelius Posted November 27, 2007 Share Posted November 27, 2007 I work for a very large northwest aerospace firm (that I won't name ) and got the message below today. I don't think we blocked any new categories so it must be some new code that was added. ACCESS DENIED The external Web site you have requested is blocked due to additional virus filtering. URL: http://www.geocaching.com/my/ Filter Category: Malicious Web Sites;Security PG Company name blocks web site categories that contain inappropriate content, those that contain malicious code, and those that provide services that may be unsafe to the Company name network and or its resources. Virus filtering is implemented any time a website has been compromised. When the site is no longer infected the block will be removed and access to the site will be restored. If you think this site has been blocked in error, please contact Security Monitoring and Response via email:Click here, explain if business impacting. Link to comment
+weinema Posted November 28, 2007 Share Posted November 28, 2007 Blocking websites depends of "your" URL blocker software configuration. Your IT team can (hopefully) permit or deny dedicated categories. And depending of the product database it's blocked or not. These databases and the URL category is managed by the software developer. We use the ISS Proventia URL filter and geocaching.com is categorized with "travel". And we permit travel websites :-) and if we would block it I will put geocaching.com to the whitelist ;-D Thank god I'm a network admin! Martin Link to comment
+weinema Posted November 28, 2007 Share Posted November 28, 2007 If you think the website is not correctly categorized your IT team should check this and normally they are able to request a category update. Here you can check the ISS database http://filterdb.iss.net/urlcheck/ But... nost companys do not allow their employies to suft for private use. Be carefull when contacting your IT ;-) If geocaching.com runs special Java or Active-X scripts it's also possible that it's blocked. It's all in the hands of your network admins to do more or less security settings.... Martin Link to comment
+Knight2000 Posted November 28, 2007 Share Posted November 28, 2007 Probably not related but it was blocked by our local library system (when using their free computers). After an email or two to the tech department at the library they removed the block. I am not sure why it was blocked in the first place. Link to comment
+Alien Shore Posted November 28, 2007 Share Posted November 28, 2007 I got the same message as many of the rest of you. Websense is blocking those darn malicious websites. Thank goodness I've got them to protect me from...whatever it is I've been doing. Link to comment
+supertbone Posted November 28, 2007 Share Posted November 28, 2007 I went on to Websense.com and they have a tool in their support section that will allow you to do a site look up and ask for re-classification. On the site look up page you can suggest a new classification from a list. To use it you will need to create a free account. I did a site look up of geocaching.com and www.geocaching.com. Please note if you leave off the 'www', geocaching.com is listed as a hobby site, but if you add it the site is listed as malicious. I suggested it to be reclassified as 'Society and lifestyle: hobbies'. I am sure it could also be classified in 'games' or even 'travel' if you stretch it. In the mean time I would try leaving off the 'www' and see what happens. I hope that TPTB have already done this since blocking the site would obviously hamper our use of the site, but also lower ad revenue since there would be less traffic. Link to comment
+Yossarian Posted November 28, 2007 Share Posted November 28, 2007 In the mean time I would try leaving off the 'www' and see what happens. Good idea but unfortunately urls without the www aren't allowed on the site. They get redirected and the www. gets added on. Link to comment
+TrailGators Posted November 28, 2007 Share Posted November 28, 2007 Well this is new phenomenon. Anyone else having this problem? The main GC site got blocked at my work today, but the forums still worked. Go figure.... Link to comment
+strandum Posted November 28, 2007 Share Posted November 28, 2007 I have been blocked out from gc.com for weeks now (the firewall on my employers PC) get this in the firewall Attempted Intrusion "HTTP MS IE Object Element Data DoS" against your machine was detected and blocked. Intruder: www.geocaching.com(66.150.167.150)(http(80)). Risk Level: Medium. Protocol: TCP. Attacked IP: localhost. Attacked Port: 1200 Maybe Websense have picked up the same problem in the code? The Strandums Link to comment
+benh57 Posted November 28, 2007 Share Posted November 28, 2007 I have been blocked out from gc.com for weeks now (the firewall on my employers PC) get this in the firewall Attempted Intrusion "HTTP MS IE Object Element Data DoS" against your machine was detected and blocked. Intruder: www.geocaching.com(66.150.167.150)(http(80)). Maybe Websense have picked up the same problem in the code? The Strandums Yep, that is most likely it. I had the same issue with the symantec at my work. Fortunately i can manually remove the block on my local PC because my employer allows that. geocaching.com uses some perfectly valid HTML which can cause a problem for IE 6. Kinda ridiculous to block a website for this, IMO. Explanation: http://www.symantec.com/avcenter/attack_sigs/s21422.html Severity: Medium This attack could pose a moderate security threat. It does not require immediate action. Description This signature detects attempts to exploit a vulnerability in Microsoft Internet Explorer which allows an attacker to issue a denial of service attack on the victim host Internet Explorer Web browser. Additional Information A denial of service vulnerability has been reported in Microsoft Internet Explorer. This vulnerability is related to how the browser interprets properties of Object elements. The Object element is normally used to specify an external object to invoke such as an ActiveX component, Applet, etc. This condition may occur when a malicious web page specifies an Object element with a data property that has a value of "?" or "#" in addition to specifying a type property that refers to an image type (such as "image/gif"). The vulnerability will reportedly cause the browser to crash due to an infinite loop. Link to comment
+supertbone Posted November 28, 2007 Share Posted November 28, 2007 Well this is new phenomenon. Anyone else having this problem? The main GC site got blocked at my work today, but the forums still worked. Go figure.... The forums still work because they use a Groundspeak.com address, not a geocaching.com address. Groundspeak.com is listed in the Websense database as an IT site. Link to comment
+donbadabon Posted November 28, 2007 Share Posted November 28, 2007 Websense is so annoying. No better than the spammers out there. geochecker has been blocked for months here, and today gc was added. So I am in the same boat as the rest of you. gc needs to add an 'https' option to their site, that usually allows websense bypassing. Link to comment
+Happy Humphrey Posted November 28, 2007 Share Posted November 28, 2007 It's OK with Websense here (classified as Travel), although geochecker is blocked. Link to comment
+admo1972 Posted November 28, 2007 Share Posted November 28, 2007 Very annoying. Read this yesterday, but only this morning am I denied access. Bummer. To do some very basic searching and logging of caches, you can go to the address: wap.geocaching.com It's text only designed for quick access using pda's, cell phones, etc. But not blocked by websense. Link to comment
+SUp3rFM & Cruella Posted November 28, 2007 Share Posted November 28, 2007 A new query today, at Websense's Site Lookup Tool returns this: URL: http://www.geocaching.com Category: Malicious Web Sites Database version: 92932 Database date: 28 Nov 2007 Still under that category. Link to comment
+donbadabon Posted November 28, 2007 Share Posted November 28, 2007 Where is the site lookup tool? And where is the option to request a reclassification? Link to comment
+SUp3rFM & Cruella Posted November 28, 2007 Share Posted November 28, 2007 Where is the site lookup tool? And where is the option to request a reclassification? Here: http://www.websense.com/SupportPortal/SiteLookup.aspx Link to comment
+SUp3rFM & Cruella Posted November 28, 2007 Share Posted November 28, 2007 (edited) On the other hand, on the same database... URL: http://www.Groundspeak.com Category: Information Technology Database version: 92932 Database date: 28 Nov 2007 URL: http://www.Waymarking.com Category: Hobbies Database version: 92932 Database date: 28 Nov 2007 URL: http://wap.geocaching.com Category: Travel Database version: 92932 Database date: 28 Nov 2007 URL: http://forums.Groundspeak.com Category: Message Boards and Forums Database version: 92932 Database date: 28 Nov 2007 So far, Wherigo.com and travelbugs.com are not categorized by Websense. Edited November 28, 2007 by SUp3rFM & Cruella Link to comment
+donbadabon Posted November 28, 2007 Share Posted November 28, 2007 Here: http://www.websense.com/SupportPortal/SiteLookup.aspx Thanks. I just did my part and asked that it be reclassified. Guess we will find out tomorrow if our efforts paid off. Link to comment
+TurdleEggs Posted November 28, 2007 Share Posted November 28, 2007 Blocked by WebSense here too. It seems Geocaching.com got into the Malicious Software category because the website was trying to write something to the client - this isn’t an arbitrarily assigned category. Unfortunately, IT security aren’t likely to open up a Malicious Software category site url - at least not where I work. I’m not saying the GC developers did anything wrong (they’ve been doing a fantastic job) - it just is what it is in this security paranoid world and Web Sense is going to block what it sees as an intrusion. Sux! I guess it’s wap.geocaching.com for me Link to comment
Elias Posted November 28, 2007 Share Posted November 28, 2007 I've contacted Websense and have asked for more information on their listing, so hopefully they'll let me know so we can correct the issue. I'm sure whatever they've come across is just a false-positive and it should be very easy for us to fix. In the meantime, I'll investigate the "HTTP MS IE Object Element Data DoS" that was reported to see if I can find out where this is coming from and remove it as well. Elias Link to comment
+hairball45 Posted November 28, 2007 Share Posted November 28, 2007 (edited) Hmm. Looks like MarcusArelius and I share an employer. (I'm glad to see (well not really) that it's a generalized thing. I thought it might be something personal. Hoping for that unblocking. hairball Hey M/A betcha didn't know they were here too. Edited November 28, 2007 by hairball45 Link to comment
+Fléikëscht Posted November 28, 2007 Share Posted November 28, 2007 I wrote to our tech guys who contacted Websense. Meanwhile they reclassified geocaching.de from "Games" to "Hobbies". Thanks! Before reading this threat at home I contacted Groundspeak, they just wrote back that they're working on it. Many thanks! So, let's hope this issue will be worked out soon. Meanwhile we could discuss the sense of wanting to try to censor the Internet, but that wouldn't belong here! Only thing I know : If I want to, I just bypass Websense, it's only a matter of patience and time. Greets, Thierry Link to comment
MarcusArelius Posted November 28, 2007 Share Posted November 28, 2007 Hmm. Looks like MarcusArelius and I share an employer. (I'm glad to see (well not really) that it's a generalized thing. I thought it might be something personal. Hoping for that unblocking. hairball Hey M/A betcha didn't know they were here too. Actually, I did. I bet you're in Heath, Ohio. BTW, our employer lets us surf from work on our own time (e.g. lunch). I think that we use websense too. Link to comment
rawkitman Posted November 29, 2007 Share Posted November 29, 2007 I work for a very large northwest aerospace firm (that I won't name ) and got the message below today. I don't think we blocked any new categories so it must be some new code that was added. ACCESS DENIED The external Web site you have requested is blocked due to additional virus filtering. URL: http://www.geocaching.com/my/ Filter Category: Malicious Web Sites;Security PG Company name blocks web site categories that contain inappropriate content, those that contain malicious code, and those that provide services that may be unsafe to the Company name network and or its resources. Virus filtering is implemented any time a website has been compromised. When the site is no longer infected the block will be removed and access to the site will be restored. If you think this site has been blocked in error, please contact Security Monitoring and Response via email:Click here, explain if business impacting. I think I work of the same one - only in the south east. Very bummed when that poped up. Hopefully it will be taken care of soon. Link to comment
+Happy Humphrey Posted November 29, 2007 Share Posted November 29, 2007 It's OK with Websense here (classified as Travel), although geochecker is blocked. Just to say, it's now also classified as "Malicious" here as well. Link to comment
+hairball45 Posted November 29, 2007 Share Posted November 29, 2007 Good call MarcusArelius. Still blocked here. And I figured it ws the local IT guys....... Link to comment
+The Wellington Boots Posted November 29, 2007 Share Posted November 29, 2007 Our IT team looked into this today and came back with the following info: This site has been determined to contain code that may intentionally modify end-user systems without their consent and cause harm and is therefore appropriately classified at this time. The site will resume its content-based categorization, once it has been determined to no longer be a security risk. If you are in contact with the people who run it I would let them know Andy Thornbury Systems Architect *IRIS Legal Solutions* Link to comment
+supertbone Posted November 30, 2007 Share Posted November 30, 2007 I would be interested to see how web traffic to geocaching.com has been changed since this was put into place. Link to comment
+Happy Humphrey Posted November 30, 2007 Share Posted November 30, 2007 I would be interested to see how web traffic to geocaching.com has been changed since this was put into place. It's probably improved response times for those who can still access the site! Link to comment
+HoustonControl Posted December 1, 2007 Share Posted December 1, 2007 I would be interested to see how web traffic to geocaching.com has been changed since this was put into place. It's probably improved response times for those who can still access the site! Still blocked at my work... Link to comment
+Team Cotati Posted December 1, 2007 Share Posted December 1, 2007 (edited) I would be interested to see how web traffic to geocaching.com has been changed since this was put into place. It's probably improved response times for those who can still access the site! Yes, it has improved tremedously. I hope that they leave it in place permanently. Edited December 1, 2007 by Team Cotati Link to comment
+Allanon Posted December 3, 2007 Share Posted December 3, 2007 Bad attitude from Team Cotati not withstanding, any new information on this from TPTB? Link to comment
+teald024 Posted December 3, 2007 Share Posted December 3, 2007 Well this is new phenomenon. Anyone else having this problem? I'm glad I found this thread before I flamed the local IT guys. GC.com is still not accessable at my work. The WAP interface is working though. Link to comment
Elias Posted December 3, 2007 Share Posted December 3, 2007 Bad attitude from Team Cotati not withstanding, any new information on this from TPTB? I've sent two requests to Websense asking for more information on this and I haven't heard anything back. Until they respond back to me, there's not much we can do to fix this issue. Elias Link to comment
+Happy Humphrey Posted December 3, 2007 Share Posted December 3, 2007 Bad attitude from Team Cotati not withstanding, any new information on this from TPTB? I've sent two requests to Websense asking for more information on this and I haven't heard anything back. Until they respond back to me, there's not much we can do to fix this issue. Elias Websense fix these errors within minutes apparently... Link to comment
+SUp3rFM & Cruella Posted December 3, 2007 Share Posted December 3, 2007 Here's a fresh update. A query in the Site Report Tool over www.geocaching.com returns this: Site Lookup Tool URL: http://www.geocaching.com Category: Hobbies Database version: 92935 Database date: 03 Dec 2007 So, it's not malicious. Still, moving into the "hobbies" category will probably prevent many to access it under a network with Websense. The hobbies category is one of those blocked by "default", I guess. Just as Waymarking, like i wrote before, is on the hobbies category. Wap.geocaching.com is on the Travel... Link to comment
Recommended Posts