Jump to content

Best way how to block specific websites


Recommended Posts

Hi. Which is the best way how to block via ESET specific websites? I know you can do this via these two options:

Web control or via Web access protection. If I turn on web access protection ESET blocked lots of non dangerous websites. So it is better create a block rules via Web control option?

It is very bad because via Web access protection you can block downloading specific files, etc.

Thank you for your help.

Link to post
Share on other sites
  • Administrators

Web access protection is a vital protection feature which must be kept enabled (at least if the computer has Internet access). You can use URL management to block specific urls.

Link to post
Share on other sites

Yes, I know what about URL Address Management feature? For example If I turn this feature on and fill List of blocked addresses  and I noticed almost everything is blocked via ESET :( Is better for this purpose (blocking website which for any purpose) use Enable Web control feature? :) Thank you very much!

Link to post
Share on other sites
  • Administrators
11 minutes ago, Martin25B93 said:

If I turn this feature on and fill List of blocked addresses  and I noticed almost everything is blocked via ESET :(

Please block the desired addresses via the URL management, wait a while until some URLs are blocked and then collect logs with ESET Log Collector. When done, provide the generated zip file and also let me know which of the blocked addresses you didn't want to block.

Link to post
Share on other sites
1 hour ago, Martin25B93 said:

For example If I turn this feature on and fill List of blocked addresses  and I noticed almost everything is blocked via ESET :( I

Did you create an entry in the "List of blocked addresses" and place an "*" there? If so, all URLs will be blocked except those specified in the "List of allowed addresses."

By default, the "List of blocked addresses" is empty. As such, nothing is blocked by Eset other than its real-time detections. If you only want to absolutely block 20 specific URLs, just add those to the "List of blocked addresses."

 

 

Link to post
Share on other sites

I blocked these apps via Web control. Web access protection feature I would like to use for blocking downloading some dangerous files but it not working.

I created rule for decline downloading all torrents -> **.torrent

Everything checked I have turn on SSL and HTTP/HTTPS. Do you know where can be a problem?

Link to post
Share on other sites
1 hour ago, Martin25B93 said:

I created rule for decline downloading all torrents -> **.torrent

Per Eset online help:

Quote

Block or allow specific file extensions

URL address management also allows you to block or allow the opening of specific file types during internet browsing. For example, if you do not want executable files to be opened, select the list where you want to block these files from the drop-down menu and then enter the mask "**.exe".

https://help.eset.com/ees/7/en-US/idh_config_parental_rule_edit_dlg.html?idh_config_epfw_scan_http_address_list.html

The problem here as I see it is torrent files are download outside of a browser. I believe URL management only controls access to files opened in a browser.

Edited by itman
Link to post
Share on other sites
9 hours ago, Martin25B93 said:

Yes. But before you start torrent downloading you need to find that .torrent file for example.

-EDIT- Try what is shown in this Eset online help article first: https://help.eset.com/ees/7/en-US/how_block_file_dwnl.html. That is enter, *.*.torrent and */*.torrent in URL blocked address list.

However, read this article: https://www.techworm.net/2020/04/download-torrent-site.html. By blocking .torrent downloads, you are only blocking the "seeding" file and not the actual downloaded files. Also note:

Quote

On the other hand, a magnet link will offer a direct line and connect the downloader to each file.

-END EDIT-

The only way to do this would be to block access to torrent web sites by domain name filtering via URL address management. Here's a list of approx. 30 of them and I am sure more exist: https://www.alltorrentsites.com/ .

Note that to download torrent files, Torrent software must be installed. I really don't know why any commercial concern would allow users to install like software or any software for that matter: https://security.stackexchange.com/questions/122617/how-to-block-torrent-sites .

If we are referring to BitTorrent, it's inbound traffic can be blocked by creating an Eset firewall to do so: https://imacify.com/2013/07/what-is-torrents-and-how-to-block-torrent-downloads/ although torrents can use any port.

Or:

Quote

Another approach would be to block the types of connections that Bittorrent requires. As a peer-to-peer protocol, peers outside your network need to connect in. A firewall could prohibit incoming connections to your user subnet, while permitting them to your intended outward-facing services. An IPS could put a threshold on the number of incoming and outgoing connections, since Bittorrent clients need to connect to multiple peers (and have multiple peers connect to them) in order to function.

https://security.stackexchange.com/questions/33983/what-are-the-tcp-udp-ports-used-by-torrent-applications

The problem here I believe is the torrent client/s are initiating the download by performing an outbound connection. As such, the Eset firewall will allow that inbound traffic.

Edited by itman
Link to post
Share on other sites

Also and important, note that Cisco Meraki network perimeter security appliances for example have Web content filtering granularity to the level where specific Torrent traffic can be blocked. However, they footnote this capability with the following statement:

Quote

Note: File sharing programs, such as BitTorrent, are now able to be configured to encrypt traffic as secure HTTPS, potentially bypassing P2P traffic shaping rules that have been configured. Cisco Meraki MX Security Appliances and Wireless APs are capable of detecting some of the encrypted P2P traffic on the network. When encrypted P2P traffic is detected, it will be matched to any configured P2P traffic shaping rules, and honor the limitations that have been configured.  However, if the traffic is encrypted, it may not be possible to accurately classify all of the offending traffic.

https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Blocking_P2P_And_File_Sharing

Edited by itman
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...