How to block internet traffic to this site : www.aodiy.com/hk/gz.txt

Hi ,

I want to stop the out going traffic to this site from a system through firewall.

208.73.210.121, 80, WAN, parkinglot.searchportal.information.com
Category:99 - MAC address: 00:0f:ea:98:c7:bd - www.aodiy.com/hk/gz.txt 

i tried url filtering in firewall. but it does not help.

Firwall : Sonicwall TZ170
eecnmsureshAsked:
Who is Participating?
 
warturtleCommented:
You can scan that system with SuperAntiSpware (www.superantispware.com) or MalwareBytes Anti-Malware (www.malwarebytes.org) to finish the infection. This will be easier to do and shouldn't require any firewall changes.
0
 
badgermikeCommented:
you can't go into content filtering for the sonicwal cfs and add that url?

0
 
KevinCovertCommented:
I would try two things if your content filtering does not seem to be working, you could create a firewall rule to block all traffic from that host to that domain's public IP address.

Or if you have local admin access to the host with not so tech savy users, you could add an entry in the hosts file to negate the domain to that PC by adding an entry to point that domain to a null address.

For example you could simply put a line

127.0.0.1              information.com  

More info here
http://www.mvps.org/winhelp2002/hosts.htm

But more seriously, I would look into why your content filter is not working.  For that Check to see it is enabled on the firewall, and then also applied to that interface/firewall policy.

KMC
0
Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

 
devangshroffCommented:
which firewall u have
0
 
KevinCovertCommented:
How are you doing on this issue?
0
 
rpggamergirlCommented:
If the problem persists, also use Combofix to make sure no nasties lurking there.

Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(If it doesn't run re-download but rename before saving to your desktop)

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 

If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix 
0
 
LynchburgComputingTechCommented:
This may not be the solution you want, but most of my larger customers I've switched to OpenDNS which is a DNS filter.  Keeps out all the bad sites and is completely free..  You can also add domains and urls to your own black list.  Something to think about.
0
 
KevinCovertCommented:
How is this issue coming along?

KMC
0
 
eecnmsureshAuthor Commented:
Tried it and it is not coming now.
0
 
eecnmsureshAuthor Commented:
with help of sonicwall firewall support.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.