The post goes on to speculate that URL filters would have difficulty detecting and blocking the obfuscated URLs, leaving users vulnerable to these attacks. While many web filtering vendors may be susceptible to this attack, eSoft customers are protected. eSoft SiteFilter provides full support for these obfuscated URLs, filtering sites in ALL categories.
Using the example of playboy.com, the URL can be expressed in many different ways including the few examples below.
http://216.163.137.68
http://3634596164
http://0xd8.0xa3.0x89.0x44
http://0xd8.0xa3.0x89.68
http://0330.0243.0211.0104
http://000000330.0xa3.137.0104
http://0xD8A38944
http://033050704504
As shown on the Test a Site portal, eSoft correctly interprets these encoded addresses and detects each of these URLs as Pornography/Sex, the same as the domain playboy.com.
With the example found by Kaspersky, vendors that do not accurately filter these URLs leave users vulnerable to dangerous banking Trojans and end-user evasions. Malicious campaigns using this technique have been seen in the past and due to their effectiveness will be used in the future.
eSoft’s web filtering technology and focus on security provides users with unsurpassed protection against the latest web threats, including these obfuscation techniques.