cancel
Showing results for 
Search instead for 
Did you mean: 
Regis
Level 12

Another Flash 0-day in the wild. Anyone blocking Flash yet? Web Ads? Strategies?

Greetings,

I have 3 questions for you fellow in-the-trenches proxy admins.  I'd be delighted with any input on any or all of them that you can share from your experience.

  1. Has anyone successfully transitioned to a url or site whitelist approach for allowing Flash?   I know some folks do this with Java with sleep-assuring success.
  2. On a semi-related note, how many of ya are able to block Web Ads category and avoid the pitchforks and user screaming?
  3. On a wing and a prayer note, is there a single administrator who has successfully blocked Uncategorized and not been neutered by the users before noon on Monday?  The best I've achieved in an environment is uncategorized executables from med/high risk ip's  or known unfriendly TLD's.     (This "block all uncategorized" advice strongly advocated by a couple of incident responders from a rather well known vulnerability scanning vendor giving a talk at a local security conference last week ... which smacked of "I've never actually attempted any of the advice I'm espousing," but I'd like to verify that with you fellow proxy admins)

Why I ask:

With yet another Flash 0 day in the wild that Adobe will be taking some time to fix [ Microsoft and Adobe warn of separate zero-day vulnerabilities under attack | Ars Technica ] and given that Flash appears to be finally moving into the autumn of its relevance  [ Firefox 53 will ditch support for plug-in Flash New Firefox versions will make you activate all new add-ons – except one hacker favourite • The Regi... ]   ....    I'm wondering if it's becoming plausible to block Flash at the gateway except for sites that require it and have a business need.  I know off hand a learning management system site we work with would need to be on that whitelist while we flog them to embrace html5.

Thanks so much for any insight or shared experience.

2 Replies
dcaffrey
Level 10

Re: Another Flash 0-day in the wild. Anyone blocking Flash yet? Web Ads? Strategies?

We've just recently blocked UnCategorised, we had been monitoring the activity and submitting all UnCategorised sites to TrustedSource.

Our policy is for the user to contact HR if a site is blocked so it has to be a "Real" business need before it gets to us ( or maybe a VIP ..... )

Regis
Level 12

Re: Another Flash 0-day in the wild. Anyone blocking Flash yet? Web Ads? Strategies?

dcaffrey,   Boy I'd love to do that too.   How's that been going? 

I've long assumed that it'd make my life an impenetrable hell given the rather large universe of uncategorized  that seems to be relatively important to a lot of increasingly complex sites.    Has the trustedsource universe of Uncategorized actually gotten manageably small?  How many users are you supporting?   How many sites are you having to submit daily?

Anyone else blocking uncategorized?

0 Kudos