Computer Related > Cisco Security Miscellaneous
Thread Author: Pat Replies: 9

 Cisco Security - Pat
I get email notifications from a couple of forums I use when someone replies to a thread.

I have started to get a page which says the website is suspect and it is being checked by Cisco Security. Eventually a set of red and green buttons appear for me press to say if I trust the site or not.

It's annoying me because I am admin on one of them and asumed it was something which I could disable in our ISP's control panel, but they know nothing about it.

Where has it come from and how do I get rid of it please?

It seems to have arrived around the time I put Office 2010 on here.

Pat
 Cisco Security - TeeCee
>> I have started to get a page which says the website is suspect and it is being checked by Cisco Security.

If you are getting a page, then there is DNS interception and redirection going on. This means there are but four possibilities:
1) It's part of your A/V or firewall package. That is unlikely to claim to be Cisco though.
2) It is your ISP who are using a Cisco appliance. They've already denied this though.
3) You are using a 3rd party DNS provider. If you don't remember manually configuring that, you are not.
4) You have a Linksys (aka Cisco) router and it's doing it courtesy of a recent firmware update. That would be my favourite.

Log into your router and see if it's aquired a web screening function. If it has, either disable it or whitelist your sites.

The reason they're getting the bronx cheer is almost certainly nothing to do with the sites themselves being moody, but due to dodgy content being punted via the ad-pushers from a third party.
 Cisco Security - rtj70
If it is a Cisco router and it's updated, it might now be running the Cloud Connect firmware for which you need an online account to administer the router. Recently renamed to Linksys Smart WiFi I think because Cisco are selling Linksys to Belkin.

Pat, when you say you're getting the Cisco warning page - is that when you're accessing the forum itself?
Last edited by: rtj70 on Fri 1 Mar 13 at 16:13
 Cisco Security - Pat
Let me try and explain a bit better rtj:)

We have a private forum where the trustees of the charity can conduct discussions and decision.
It is with the same ISP as our main PDF website and forum but entirely seperate.
When any of us post in there I have it configured to send me an email.
It's a standard notification email with a link to the thread.
I click on the link to the thread and this is when the Cisco page pops up.
The emails are now marked in the title [suspicios Email].

I think it may be the router although it is a standard Tiscali one.

Just looked and it's an HUAWEI Echo Life HG521

Pat
Last edited by: pda on Fri 1 Mar 13 at 16:30
 Cisco Security - rtj70
Can you try accessing the link using a different Internet provider and not your ISP and router? I don't see why a HUAWEI would do something that references Cisco. But it could be related to the host site of your forum.

If you trusted someone else (that does not have a logon to the forum) they could try clicking on the link if you provided them with it.


 Cisco Security - Pat
I can't do that rtj, no matter how much I trust them it would be unprofessional to risk the data in there.

It does it with one other site too but I don't use very often and I had a notification from that site this morning.

Here it is

>>>Hello bloodoodle,

You are receiving this notification because you are watching the topic,
"The TruckNet UK Charity Party - The Aftermath" at "The TruckNetĀ® UK
Drivers RoundTable". This topic has received a reply since your last visit.
You can use the following link to view the replies made, no more
notifications will be sent until you visit the topic.

If you want to view the newest post made since your last visit, click the
following link:

secure-web.cisco.com/auth=11Gn9iilfw3O9Qw3IrSKjVO--af2ez&url=http%3A%2F%2Fwww.trucknetuk.com%2FphpBB%2Fviewtopic.php%3Ff%3D2%26t%3D96743%26p%3D1420182%26e%3D1420182

If you want to view the topic, click the following link:
secure-web.cisco.com/auth=11jHHBsuq3rKy-S2uJWE-g9bclbygY&url=http%3A%2F%2Fwww.trucknetuk.com%2FphpBB%2Fviewtopic.php%3Ff%3D2%26t%3D96743

If you want to view the forum, click the following link:
secure-web.cisco.com/auth=11bHKSpXPxg0nbygbBhD1MRI54pivW&url=http%3A%2F%2Fwww.trucknetuk.com%2FphpBB%2Fviewforum.php%3Ff%3D2

If you no longer wish to watch this topic you can either click the
"Unsubscribe topic" link found at the bottom of the topic above, or by
clicking the following link:


secure-web.cisco.com/auth=117mBKJnb2nUfXdCWK-E2jjwie_dnu&url=http%3A%2F%2Fwww.trucknetuk.com%2FphpBB%2Fviewtopic.php%3Fuid%3D2449%26f%3D2%26t%3D96743%26unwatch%3Dtopic

--
The Drivers Website
www.TruckNetUK.com

<<<

Try that one.

Pat
 Cisco Security - rtj70
If they are really the links in the email, then the software sending you the emails have added the Cisco URL as a prefix to scan the site. Having clicked on one I'd find that annoying - i.e. waiting for it to scan and then asking if you trust it.

Does it work the same for your other forum? I am assuming the people running the forum server has set it up to do this. Although since it might be your forum you'd know that wouldn't you?
 Cisco Security - Zero
Well someone is using the Cisco email and web security product. Its not your home tiscali ISP, so given you are entering a secure portal it must be your Hosting site and I suspect its caused by an out of date security certificate.
 Cisco Security - Pat
That's what is odd about this.

It works exactly the same on our private forum.

I'm admin and haven't set it up to do it and the ISP haven't either.

I will get on to CWCS on Monday and quiz them further about it.

It annoys me too rtj!

Pat
 Cisco Security - rtj70
If the Cisco embedded links are in the emails then the host for the forum is doing this. It has nothing to do with your ISP. It is the hosting company of the provider.
Latest Forum Posts