<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>So really, "they made a mistake that will not happen again". No action needed from us....<br><br><div>--</div><div>Jim Manico</div><div>@Manicode</div><div>(808) 652-3805</div></div><div><br>On Apr 3, 2015, at 9:25 PM, Josh Sokol <<a href="mailto:josh.sokol@owasp.org">josh.sokol@owasp.org</a>> wrote:<br><br></div><blockquote type="cite"><div><div dir="ltr"><div><div>I wanted to follow up here as I did get some additional information on the blocking of <a href="http://owasp.org">owasp.org</a> by OpenDNS:<br><br><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote">Our system was detecting malicious activity around the IP address that was hosting OWASP, and showing signs of domain generated algorithms where there were domain names similarly spelled to OWASP. This lead to the reason why the domain was being blocked. However our research team further reviewed the domain and was able to ensure that this wont happen again with this domain.<br></blockquote><br><br></div>Unfortunately, I'm not sure there is much that we can do with that, but at least we have an answer as to why it was blocked in the first place.<br><br></div>~josh<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Mar 16, 2015 at 12:11 PM, Tobias <span dir="ltr"><<a href="mailto:tobias.gondrom@owasp.org" target="_blank">tobias.gondrom@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    <div>Thanks Josh, <br>
      it would indeed be good to find out and understand what happened.
      <br>
      These anti-spam services can often act quite randomly and can
      meanwhile do quite a lot of damage to legitimate sites. And often
      without any warning. :-(<br>
      Best, Tobias<div><div class="h5"><br>
      <br>
      <br>
      On 16/03/15 09:16, Josh Sokol wrote:<br>
    </div></div></div><div><div class="h5">
    <blockquote type="cite">
      <div dir="ltr">
        <div>I received a response from OpenDNS Support on 3/15 saying
          that the domain was no longer being blocked for malware.  I
          have asked them to escalate to their research team for
          additional information as to why it was on the list to begin
          with.<br>
          <br>
        </div>
        ~josh<br>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Mon, Mar 16, 2015 at 10:14 AM, Paul
          Ritchie <span dir="ltr"><<a href="mailto:paul.ritchie@owasp.org" target="_blank">paul.ritchie@owasp.org</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div dir="ltr">Hi all:
              <div>Just as a follow up, Matt Tesauro has an OWASP IT
                'service ticket' system set up in case that are Web or
                IT related issues. </div>
              <div><br>
              </div>
              <div>I have copied him here, but it might be good to
                bookmark this "OWASP IT" email address or set it aside
                for that 'rare' instance when it might be needed.</div>
              <div><br>
              </div>
              <div>Matt - FYI in case you can add to or help support the
                issue.</div>
              <div><br>
              </div>
              <div>Paul</div>
              <div class="gmail_extra"><br clear="all">
                <div>
                  <div>
                    <div dir="ltr">
                      <div>Best Regards, Paul Ritchie</div>
                      <div>OWASP Interim Executive Director</div>
                      <div><a href="mailto:paul.ritchie@owasp.org" target="_blank">paul.ritchie@owasp.org</a></div>
                      <div><br>
                      </div>
                    </div>
                  </div>
                </div>
                <div>
                  <div>
                    <br>
                    <div class="gmail_quote">On Sat, Mar 14, 2015 at
                      1:38 PM, Jim Manico <span dir="ltr"><<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>></span>
                      wrote:<br>
                      <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                        <div bgcolor="#FFFFFF" text="#000000"> Good
                          catch, I do not see this block on other DNS
                          services, but if I do I'll let you know.<br>
                          <br>
                          Nice catch Josh. Thank you.<span><font color="#888888"><br>
                              <br>
                              - Jim</font></span>
                          <div>
                            <div><br>
                              <br>
                              <br>
                              <div>On 3/14/15 10:01 AM, Josh Sokol
                                wrote:<br>
                              </div>
                            </div>
                          </div>
                          <blockquote type="cite">
                            <div>
                              <div>
                                <div dir="ltr">
                                  <div>
                                    <div>
                                      <div>Hey all,<br>
                                        <br>
                                      </div>
                                      I was trying to do something on
                                      the <a href="http://owasp.org" target="_blank">owasp.org</a>
                                      site today and noticed that
                                      OpenDNS was telling me that it was
                                      blocked (never has been before). 
                                      I currently have an enterprise
                                      account with them so I started
                                      poking around in their Investigate
                                      tool and it looks like <a href="http://owasp.org" target="_blank">owasp.org</a>
                                      was added to their OpenDNS
                                      Security Labs block list as of
                                      today (3/14/2015).  It doesn't
                                      really say why, and I've followed
                                      up with my sales guy to get an
                                      answer, but this could be a
                                      significant hit to our traffic as
                                      OpenDNS registers between ~200 and
                                      ~800 DNS queries for <a href="http://owasp.org" target="_blank">owasp.org</a>
                                      per hour.  <br>
                                      <br>
                                      <mime-attachment.png><br>
                                      ​<br>
                                    </div>
                                    I wanted to give everyone a heads
                                    up.<br>
                                    <br>
                                  </div>
                                  ~josh<br>
                                </div>
                                <br>
                                <fieldset></fieldset>
                                <br>
                              </div>
                            </div>
                            <span>
                              <pre>_______________________________________________
Owasp-board mailing list
<a href="mailto:Owasp-board@lists.owasp.org" target="_blank">Owasp-board@lists.owasp.org</a>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-board" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a>
</pre>
                            </span></blockquote>
                          <br>
                        </div>
                        <br>
                        _______________________________________________<br>
                        Owasp-board mailing list<br>
                        <a href="mailto:Owasp-board@lists.owasp.org" target="_blank">Owasp-board@lists.owasp.org</a><br>
                        <a href="https://lists.owasp.org/mailman/listinfo/owasp-board" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a><br>
                        <br>
                      </blockquote>
                    </div>
                    <br>
                  </div>
                </div>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      <pre>_______________________________________________
Owasp-board mailing list
<a href="mailto:Owasp-board@lists.owasp.org" target="_blank">Owasp-board@lists.owasp.org</a>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-board" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a>
</pre>
    </blockquote>
    <br>
  </div></div></div>

</blockquote></div><br></div>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Owasp-board mailing list</span><br><span><a href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a></span><br><span><a href="https://lists.owasp.org/mailman/listinfo/owasp-board">https://lists.owasp.org/mailman/listinfo/owasp-board</a></span><br></div></blockquote></body></html>