Ya, I’m gonna have to see if we need to blacklist this for our org now. That’s not gonna be popular.

Thanks! It’s good to know since I’ve only ever worked at this Organization in an IT capacity before. Best of luck cleaning up your mess as well!

Working on a proposal for our team to take over the rest of IAM in AWS as no one is following best practices as discussed. Finding generic service roles with no documentation that have Admin rights with the access key in clear text in a variety of Lamba functions. Like, what the fuck people…

The browser’s original purpose was to market their shitcoin wasn’t it?

As someone in the InfoSec field, I also hate those people.

That is possible as well. Those firewalls are capable of packet inspection. If you are using personal devices it won’t be able to see much if you are using encryption in transit but if you are using University provided machines there is a good chance they can inspect all the data you are sending and receiving.

Are you hosting a service that is not under your organizations official domain or something? It is common security practice to block newly created domains which may be why your domain is blacklisted if you only recently stood it up.

Sounds like your university is using a Palo Alto Next Gen Firewall which is intercepting DNS requests and responding with the sinkhole FQDN for anything they deem malicious or suspicious. You can try to override this with DNS over HTTPS but they may also be blocking that. Standard security stuff. You can also probably try to open an IT ticket and request that they whitelist the domain.

I can feel this reply. Cheers to a better weekend!