Developers Documentation

×

Warning

301 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


Gateway Antiphishing

The Antiphishing feature protects users from phishing – scam messages that attempt to extract sensitive information such as credit card numbers, passwords and personal information. For those of you who have not seen a few samples of “important messages from your bank”, you can read more about phishing here.

Installation

If you did not select this module to be included during the installation process, you must first install the module.

You can find this feature in the menu system at the following location:

Gateway|Antimalware|Antiphishing

Antimalware Updates and ClearSDN

The open source ClamAV solution is the antiphishing engine used in ClearOS Enterprise. This software automatically checks for updates several times a day for new antiphishing signatures. This is already included in ClearOS Enterprise for free!

https://clearos.com/dokuwiki2/lib/exe/fetch.php?media=omedia:clearsdn-icon-xxs.png In addition, the ClearSDN Antimalware Updates service provides additional daily signature updates to improve the effectiveness of the antiphishing system. These signatures are compiled from third party organizations as well as internal engineering resources from ClearCenter. We keep tabs on the latest available updates and fine tune the system so you can focus on more important things.

Configuration

Antiphishing configuration is mostly a matter of fine tuning some policies based on your network needs. In the majority of cases, we recommend enabling all of the antiphishing features.

Signature Engine

Antiphishing signatures (similar to antivirus signatures) are included and maintained by the ClearOS system. The only time you should consider disabling this feature is when you find yourself with a hard to find false positive.

Heuristic Engine

The antiphishing engine uses a basic algorithm to detect phishing attempts. Though this can occasionally trigger a false positive, we recommend leaving this option enabled.

Block SSL Mismatch

A common phishing attack will use a non-secure web address to actually perform the attack, but display the web address to the user as a secure/SSL address. With this feature enabled, the antiphishing software will detect and reject this tactic.

Block Cloaked URLs

Some scammers use special encoding in web addresses (URLs) in an attempt to trick end users. Any URLs that have certain encoding characteristics will be blocked with this feature enabled.

content/en_us/5_antiphishing.txt · Last modified: 2015/03/02 08:50 (external edit)

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3A5_antiphishing&1710826012