Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to block internet traffic to this site :  www.aodiy.com/hk/gz.txt

Posted on 2009-05-17
10
Medium Priority
?
433 Views
Last Modified: 2013-11-16
Hi ,

I want to stop the out going traffic to this site from a system through firewall.

208.73.210.121, 80, WAN, parkinglot.searchportal.information.com
Category:99 - MAC address: 00:0f:ea:98:c7:bd - www.aodiy.com/hk/gz.txt 

i tried url filtering in firewall. but it does not help.

Firwall : Sonicwall TZ170
0
Comment
Question by:eecnmsuresh
10 Comments
 
LVL 15

Expert Comment

by:badgermike
ID: 24408804
you can't go into content filtering for the sonicwal cfs and add that url?

0
 
LVL 6

Expert Comment

by:KevinCovert
ID: 24408910
I would try two things if your content filtering does not seem to be working, you could create a firewall rule to block all traffic from that host to that domain's public IP address.

Or if you have local admin access to the host with not so tech savy users, you could add an entry in the hosts file to negate the domain to that PC by adding an entry to point that domain to a null address.

For example you could simply put a line

127.0.0.1              information.com  

More info here
http://www.mvps.org/winhelp2002/hosts.htm

But more seriously, I would look into why your content filter is not working.  For that Check to see it is enabled on the firewall, and then also applied to that interface/firewall policy.

KMC
0
 
LVL 5

Expert Comment

by:devangshroff
ID: 24409709
which firewall u have
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
LVL 16

Accepted Solution

by:
warturtle earned 750 total points
ID: 24410246
You can scan that system with SuperAntiSpware (www.superantispware.com) or MalwareBytes Anti-Malware (www.malwarebytes.org) to finish the infection. This will be easier to do and shouldn't require any firewall changes.
0
 
LVL 6

Expert Comment

by:KevinCovert
ID: 24437127
How are you doing on this issue?
0
 
LVL 47

Assisted Solution

by:rpggamergirl
rpggamergirl earned 750 total points
ID: 24440194
If the problem persists, also use Combofix to make sure no nasties lurking there.

Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(If it doesn't run re-download but rename before saving to your desktop)

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 

If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix 
0
 
LVL 1

Expert Comment

by:LynchburgComputingTech
ID: 24444040
This may not be the solution you want, but most of my larger customers I've switched to OpenDNS which is a DNS filter.  Keeps out all the bad sites and is completely free..  You can also add domains and urls to your own black list.  Something to think about.
0
 
LVL 6

Expert Comment

by:KevinCovert
ID: 24476118
How is this issue coming along?

KMC
0
 

Author Comment

by:eecnmsuresh
ID: 26004139
Tried it and it is not coming now.
0
 

Author Closing Comment

by:eecnmsuresh
ID: 31582474
with help of sonicwall firewall support.
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question