Solved

How to block internet traffic to this site :  www.aodiy.com/hk/gz.txt

Posted on 2009-05-17
10
401 Views
Last Modified: 2013-11-16
Hi ,

I want to stop the out going traffic to this site from a system through firewall.

208.73.210.121, 80, WAN, parkinglot.searchportal.information.com
Category:99 - MAC address: 00:0f:ea:98:c7:bd - www.aodiy.com/hk/gz.txt

i tried url filtering in firewall. but it does not help.

Firwall : Sonicwall TZ170
0
Comment
Question by:eecnmsuresh
10 Comments
 
LVL 15

Expert Comment

by:badgermike
Comment Utility
you can't go into content filtering for the sonicwal cfs and add that url?

0
 
LVL 6

Expert Comment

by:KevinCovert
Comment Utility
I would try two things if your content filtering does not seem to be working, you could create a firewall rule to block all traffic from that host to that domain's public IP address.

Or if you have local admin access to the host with not so tech savy users, you could add an entry in the hosts file to negate the domain to that PC by adding an entry to point that domain to a null address.

For example you could simply put a line

127.0.0.1              information.com  

More info here
http://www.mvps.org/winhelp2002/hosts.htm

But more seriously, I would look into why your content filter is not working.  For that Check to see it is enabled on the firewall, and then also applied to that interface/firewall policy.

KMC
0
 
LVL 5

Expert Comment

by:devangshroff
Comment Utility
which firewall u have
0
 
LVL 16

Accepted Solution

by:
warturtle earned 250 total points
Comment Utility
You can scan that system with SuperAntiSpware (www.superantispware.com) or MalwareBytes Anti-Malware (www.malwarebytes.org) to finish the infection. This will be easier to do and shouldn't require any firewall changes.
0
 
LVL 6

Expert Comment

by:KevinCovert
Comment Utility
How are you doing on this issue?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 47

Assisted Solution

by:rpggamergirl
rpggamergirl earned 250 total points
Comment Utility
If the problem persists, also use Combofix to make sure no nasties lurking there.

Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(If it doesn't run re-download but rename before saving to your desktop)

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 

If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
LVL 1

Expert Comment

by:LynchburgComputingTech
Comment Utility
This may not be the solution you want, but most of my larger customers I've switched to OpenDNS which is a DNS filter.  Keeps out all the bad sites and is completely free..  You can also add domains and urls to your own black list.  Something to think about.
0
 
LVL 6

Expert Comment

by:KevinCovert
Comment Utility
How is this issue coming along?

KMC
0
 

Author Comment

by:eecnmsuresh
Comment Utility
Tried it and it is not coming now.
0
 

Author Closing Comment

by:eecnmsuresh
Comment Utility
with help of sonicwall firewall support.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
PUP or Virus 6 62
We got ransomware on the server fileserver 2012 17 126
Dealing with Locky ransomware... 13 76
ASA Shunning internal IP 10 31
It started not too long ago. It was at first annoying. My keystrokes seemed to be randomly generated, not the ones I typed on the keyboard. For some reason this only happened in certain applications (especially browsers such as IE11, Firefox and Chr…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now