[nsp-sec] Google Safe Browsing and details about AS level listings

[Peter Moody]

On Fri, Sep 11, 2009 at 1:18 AM, Zoe O'Connell <zoe at hotchilli.com> wrote:
> On 10/09/2009 17:51, Peter Moody wrote:
>
> ----------- nsp-security Confidential --------
>
> On Thu, Sep 10, 2009 at 9:49 AM,  <sthaug at nethelp.no> wrote:
>
>
> I'm asking around internally (this is Niels Provos' baby, but I think
> he's on vacation right now), but in the meantime have you checked the
> webmaster console?  Information for domains, and possibly ASNs you
> own, should be available there.
>
>
> As far as I can see the webmaster console cannot give me what I want:
>
> - It requires you to prove that you are the owner of a website (by
> setting a specific meta tag). However, since I work for a service
> provider, I am definitely not the owner of all web sites within my AS.
>
>
> yeah, I was hoping that you might be able to tell it that you own an
> AS and it would show you information for all sites that resolve to an
> ip in that AS.
>
> I'll ask around and let you know what I find out.
>
>
> Any chance you could also ask about getting the wording on the diagnostic
> page changed? It's very confusing for end users when it states "This site
> hasn't hosted any malware in the last 90 days" just because it was a script
> exploit pointing elsewhere - they often come pointing their finger at us and
> saying "It must be listed because of the server, because google says it's
> not the site that's hosting the malware." I'm also pretty sure we've had a
> couple of false positives, but we can't do anything about them even when
> they're on our server, due to the same problem Steinar mentioned about
> webmaster tools.

I don't understand your last point. Can you elaborate? Steinar's
problem (unknown machine under customer control in his AS carrying
malware) seems unrelated to the problem you're describing (known
machine under your control in your AS).

> Thanks.
>



-- 
Peter Moody      Google    1.650.253.7306
Network Security Engineer  pgp:0xC3410038