cancel
Showing results for 
Search instead for 
Did you mean: 
fwmonitor
Level 7

Application ID detection URL.Host fuzzy match - false positive

Hello,

many customers complain about wrong AppID detection:

all URL.Hosts which contain the string "facebook.com" are detected as "Facebook", here some examples:

www.sex-facebook.net - don't click it :-)

www.hack-facebook-password.org "Potential Hacking/Computer Crime, Malicious Sites" "High Risk"

www.facebook.vc -  "Dating/Personals"

the same for XING (www.philboxing.com, www.boxing.com), Twitter (www.estwitter.com), Gmail (www.strongmail.com), etc.

for reliable detection of the application ID the database should be based on Host.BelongsToDomain regex.

best regards

0 Kudos
1 Reply
asabban
Level 17

Re: Application ID detection URL.Host fuzzy match - false positive

Hello,

thank you for this information. Did you report this to technical support as well? I think this is something we should have a look at and modify the detection.

Best,

Andre

0 Kudos