July 30th, 2008

McAfee SiteAdvisor blocks SANS

Posted by Nathan McFeters @ 1:20 pm

Categories: Uncategorized

Tags: McAfee Inc., McAfee SiteAdvisor, Web Site, Web Site Development, Web Technology, Security, Internet, Nathan McFeters

Showing you just how much they understand about security, McAfee blocked the SANS website, sans.org, as well as giac.org and sans.edu, with their SiteAdvisor application, listing it as a “bad” site.

Interestingly enough, SANS sites are some of the best sites to go to for security related news.  Several people count on SANS for training on many security topics, and SANS also hosts one of my favorite websites, the Internet Storm Center Handler’s Diary.  This site catalogs the daily events of Incident Handlers and provides intuitive thoughts on new attacks and how to deal with them.

Of course, I was not surprised when I browsed to their site today and saw that it was flagged by SiteAdvisor… it’s not the first time they’ve shown us just how useful their tools are.

From the Handler’s Diary, the comments on being blocked by McAfee:

When we look at the site reports, giac.org and sans.edu are bad simply because they have links to the sans.org web site.  The sans.org web site is now considered bad because of two links in CVA newsletters that point to exploit samples on 3rd party web sites.

We have submitted a comment via the SiteAdvisor web site and are simply waiting to hear back if they change the site status in their database.

[See related stories on McAfee's blunders]

1. More bad news for McAfee, HackerSafe certification
2. McAfee’s HackerSafe: When all else fails, rebrand it!
3. McAfee isn’t “McAfee Secure” or “Hacker Safe”
4. McAfee’s HackerSafe: “Um… we go in like a super hacker”
5. McAfee partner isn’t McAfee secure
6. McAfee S.P.A.M. experiment and more ridiculous HackerSafe failures

Just in case you were starting to forget McAfee’s blunders, they step up to the plate and remind us why Joseph Pierini, director of enterprise services for the “Hacker Safe” program is the obvious front-runner for the Pwnie Award for lamest vendor response and make us question why they are not also up for the Most Epic FAIL pwnie award, where they’d likely give Lifelock CEO Todd Davis a run for his money.
-Nate

Nathan McFeters is a Senior Security Advisor for Ernst & Young's Advanced Security Center in Chicago. The views and opinions expressed in this article are his own and do not represent the views and opinions of Ernst & Young Advanced Security Center or Ernst & Young, LLP. Nathan has performed web application, deep source code, Internet, Intranet, wireless, dial-up, and social engineering engagements for numerous clients in the Fortune 500 during his career at Ernst & Young and has spoken at a number of prestigious conferences, including Black Hat, DEFCON, ToorCon, and Hack in the Box. He can be found at his Pwn* blog and XS-Sniper, a blog with Billy Rios. See his full profile and disclosure of his industry affiliations.