CLOSED How to block connection to website

[Jimbo 0]

When I connect to http://www.bing.com/ OA reports multiple iexplorer.exe/TCP connections are opened.  These connections remain even if IE 8 is closed.  (This is on a Win XP system, hence IE

 

For example. edge-star-shv-03-ash5.facebook.com

 

Both of the following have been entered in OA Domains with a status of "Blocked" but the connection is still made.

edge-star-shv-03-ash5.facebook.com

*.facebook.com

 

 

Closing the connection in OA does nothing.

 

Anyway to block such connections?

 

 

[GT500 585]

You'll have to block the IP address rather than the domain name. The reason why has to do with the way TCP/IP and domains names work, and I can do my best to explain it if you want me to.

The IP address for edge-star-shv-03-ash5.facebook.com is 173.252.112.23 from what a quick ping is telling me. The IP address for facebook.com is 173.252.110.27 (if you want to block both of those addresses, then you will have to block both IP addresses).

[Jimbo 0]

Thank you for responding!

 

 

 

Ok, you did a ping to get the IP address of edge-star-shv-03-ash5.facebook.com getting 173.252.112.23.

In the OA firewall I found the url in the Remote address field, noted the "local address", then unchecked "Resolve Addresses."  OA lists the IP address in "Remote address" as 69.171.242.27.  The latter address actually resolves to out.edge-star-ecmp-02-ash3.facebook.com.  Both addresses will be added.

 

I *THINK* this is done via a blacklist.  However, I have tried to find how to create a blacklist.  OA Help says to select a blacklist and "edit".  So, an empty file was created called "OA Blacklist.txt" but OA says it is not a black list.  Nor, does it allow entering a file name after clicking Add.  An internet search turns up addresses to download a blacklist, which seems dangerous!

 

 

Would you mind pointing me to instructions on creating a blacklist?

 

[GT500 585]

I would believe what you are looking for is the Restrictions tab in the Firewall. The information at this link says "The Restrictions tab allows you to restrict connections by IP address/range and by Country." You should be able to add IP addresses to that list to be blocked, however please note that this functionality requires Online Armor Premium.

[Jimbo 0]

The first thing I looked at was the restrictions tab.  Assuming this is the tab to use then

(1) "All Connections" would have to be set "Allowed" and every connection to be prevented would have to be listed.  Presumably the current setting is denying some connections and allowing those probably wouldn't be a good idea.

(2)  Since the current setting for "All Connections" is "Denied" then the connection being discussed would have been denied or the firewall is failiing.

 

Thus, I don't think this is the right location.

[Jimbo 0]

You stated:  please note that this functionality requires Online Armor Premium.         

Per the status page I have: Emisoft Online Armor version 6.0.0.1736 Premium edition

[GT500 585]

(1) "All Connections" would have to be set "Allowed" and every connection to be prevented would have to be listed. ...

That would be the best way, unless you want to deny every incoming connection except for those from the IP addresses you specify.