Re: Tinyurl.com and the like

[Angus Scott-Fleming]

+On 27 Jun 2011 at 18:02, Andrew S. Baker  wrote:

 It's a valid concern, but many URL shorteners allow you to see where the
 destination would be if you clicked.  For TinyURL specifically, you can use
 http://preview... and the link to see where it would go manually. And, if
 you're using a web content filter, you can avoid landing at bad locations even
 if you accidentally clicked on them.  This is with the understanding that
 these things change often enough, so layers of security are important.

It's a royal PITA remembering what the expansion options are for all the URL 
shortening services.  This site can be a blessing when investigating those 
shortened URLs:

Untiny: http://untiny.me/

There are several Firefox add-ons to automagically expand those shortened URLs 
for the paranoid among us.

Long URL Please Mod :: Add-ons for Firefox
https://addons.mozilla.org/en-US/firefox/addon/long-url-please-mod/

Xpnd.it! short URL expander :: Add-ons for Firefox
https://addons.mozilla.org/en-US/firefox/addon/xpndit-short-url-expander/


--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Tinyurl.com and the like

[Andrew S. Baker]

It's a valid concern, but many URL shorteners allow you to see where the
destination would be if you clicked.   For TinyURL specifically, you can use
http://preview... and the link to see where it would go manually.

And, if you're using a web content filter, you can avoid landing at
bad locations even if you accidentally clicked on them.   This is with
the understanding that these things change often enough, so layers of
security are important.



*ASB*

*http://about.me/Andrew.S.Baker*

*Harnessing the Advantages of Technology for the SMB market...*






On Mon, Jun 27, 2011 at 5:52 PM, David Lum david@nwea.org wrote:

 Does this look like a valid concern?

 http://www.brighthub.com/computing/smb-security/articles/58970.aspx

 ** **

 I can’t get a feel if this is isolated (or not) enough to warrant concern.
 I remember a couple years ago I posted a TinyURL link to this list and a
 couple people voiced concerns – this was right around the time they added
 the previewURL feature

 ** **

 Dave

 ** **

 *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
 *Sent:* Monday, June 27, 2011 2:49 PM
 *To:* NT System Admin Issues
 *Subject:* Re: Tinyurl.com and the like

 ** **

 No, not currently.
 

  

 *Andrew S. Baker (ASB)*

 Professional bio:* http://about.me/Andrew.S.Baker*

 *Harnessing the Advantages of Technology for the SMB market...*

   

 ** **



 

 On Mon, Jun 27, 2011 at 5:17 PM, David Lum david@nwea.org wrote:

 Do any of you guys block tinyurl.com and similar URL-shortening websites?*
 ***

 *David Lum*
 Systems Engineer // NWEATM
 Office 503.548.5229 //* *Mobile 503.267.9764




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin