Solved

block a file?

Posted on 2006-11-21
8
169 Views
Last Modified: 2010-04-10
Is it possible to block requests for a file through a cisco pix?  We were told by our isp that we had machines requesting a particular file that is virus related.  Until I can get my av solution under control, I would like to block the request for that file in the firewall.  Is that possible?  the request is on port 80, and for osa.gif

so infected machines are looking for http://variousdomainname/osa.gif

If so, how is this done in a pix IOS 6.3

Thanks!
Scott
0
Comment
Question by:scottman29
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 29

Expert Comment

by:ScottCha
ID: 17990609
Why would you post a like to a potentially virus infected file?

Hopefully a moderator will remove the link immediately.
0
 
LVL 5

Author Comment

by:scottman29
ID: 17990647
that's not a real link, that was an example.
0
 
LVL 29

Expert Comment

by:ScottCha
ID: 17990679
Ooops.  Sorry.

I should have looked at your stats and realized you would have known better.

Guess I jumped the gun on that one.
0
 
LVL 7

Accepted Solution

by:
killbrad earned 250 total points
ID: 17990709
Not possible via PIX.  

Check out Squid proxy with DansGuardian content filtering.  Very useful stuff:

http://www.squid-cache.org/
http://dansguardian.org/
0
New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

 
LVL 8

Expert Comment

by:caddlady
ID: 17992452
can you resolve the domain name to an IP address and block all outbound to that IP address?
0
 
LVL 8

Expert Comment

by:caddlady
ID: 17992470
Something like this:

access-list outbound deny tcp any xxx.xxx.x.x 255.255.0.0 eq www

0
 
LVL 5

Author Comment

by:scottman29
ID: 17993095
well, we do have a webfilter.  I blocked it in that.  The webfilter works with the pix...
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 17995792
No, not with the pix.  You can block layer 3 and 4 traffic.  File types is layer 6 & 7.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

I was recently sitting at a desk at work with one of my colleagues and needed some information on my home computer. He watched as I turned on my home computer, established a remote session into it, got the information I needed and then shut it down …
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now