[nsp-sec] Google Safe Browsing and details about AS level listings
Zoe O'Connell
zoe at hotchilli.com
Fri Sep 11 04:18:36 EDT 2009
On 10/09/2009 17:51, Peter Moody wrote:
> ----------- nsp-security Confidential --------
>
> On Thu, Sep 10, 2009 at 9:49 AM, <sthaug at nethelp.no> wrote:
>
>>> I'm asking around internally (this is Niels Provos' baby, but I think
>>> he's on vacation right now), but in the meantime have you checked the
>>> webmaster console? Information for domains, and possibly ASNs you
>>> own, should be available there.
>>>
>> As far as I can see the webmaster console cannot give me what I want:
>>
>> - It requires you to prove that you are the owner of a website (by
>> setting a specific meta tag). However, since I work for a service
>> provider, I am definitely not the owner of all web sites within my AS.
>>
>
> yeah, I was hoping that you might be able to tell it that you own an
> AS and it would show you information for all sites that resolve to an
> ip in that AS.
>
> I'll ask around and let you know what I find out.
>
Any chance you could also ask about getting the wording on the
diagnostic page changed? It's very confusing for end users when it
states "This site hasn't hosted any malware in the last 90 days" just
because it was a script exploit pointing elsewhere - they often come
pointing their finger at us and saying "It must be listed because of the
server, because google says it's not the site that's hosting the
malware." I'm also pretty sure we've had a couple of false positives,
but we can't do anything about them even when they're on our server, due
to the same problem Steinar mentioned about webmaster tools.
Thanks.
More information about the nsp-security
mailing list