Is there a firewall that can block a particular connection?

you need to add a rule deny outbound tcp 64.233.183.147 port 80,443,25,143,110 and move it just under any rules that allow local lan, eg allow i/o to/from 127.0.0.1 allow i/o to/from 192.168.0/32

The Windows FW will not do this (ie control outbound), but almost any other will (eg Norton NIS)

why so concerned on google.analytics.com?

Thanx for the response, but all this procedure is time consuming. I'm looking for a software firewall that will give me the choice to block the particular domain of question (and all subdomains) with just a click.

The firewall would have been set with my common prefered tactic e.g "block inbound & outbound" and only if I require a different action (in rare cases) *then* I should proceed to "explain" it to the firewall.

Applications should be handy and smart enough to make things simple for us or at least to keep simple things simple.

google.analytics.com was just an example.

Thanx for the response but all this procedure is time consuming. I'm looking for a software firewall that would give me the choice to block that particular domain of question (and all subdomains) with one click.

The correct question should be: "Do you want to allow *your browser* to access this domain?(or connection). A "No" or "Yes should be enough because the firewall should know (from my preferences) that this is my browser NOT ANY application!

My preferences would guide the common actions of the firewall and only If I decide a different action, "then" I should have to "explain" it to the firewall.

The applications should be handy and smart enough to help us and make things simpler for us. Or at least keep simple things simple...

the "

" is just an example. And it's only accessible by the ip address.

You can't be lazy. There is nothing like this. If you want more control and want to get more specific, then you'll need to mess with rules.

Yes, there are. BTW, which OS are you running?

The FortiClient does this, you can specify a URL including wildcards to block. So for example if I put in *.google.com than it blocks maps.google.com and

but not It doesn't matter which program I am using to browse these sites (firefox, IE, etc) and it puts a block page up in the browser when I try, so that it doesn't sit there and time out or pop up a bunch of warning messages.

This in addition to the category filtering which already blocks out spyware and malicious sites as well as a few other categories I'm not interested in ever looking at such as pay to surf and advertising.

-Russ.

mainly win2000 but also XP (multiboot)

sorry for the double post that was a delayed unintended one from google or my browser...

I went to the site for Forticlient

I was trying to figure out for some time which is what! I don't want to offend anyone but this is one of the best examples of BAD web page design!

Anyway, about the Forticlient I couldn't find how much it costs, and I didn felt comfortable to fill their demo request form either . Also, it includes antivirus which will confilct with my (preferred) NOD32.

Somebody. wrote:

I went to the site for Forticlient

I was trying to figure out for some time which is what! I don't want to offend anyone but this is one of the best examples of BAD web page design!

Anyway, about the Forticlient I couldn't find how much it costs, and I didn felt comfortable to fill their demo request form either . Also, it includes antivirus which will confilct with my (preferred) NOD32.

Gordon, it's not a big deal to set Sygate to do what you want. You don't need to have all or nothing with Opera. Do this in Sygate: Application Rules: Allow Opera; remote port 80, 443; act as client not as server. Go to tools/advanced rules/click add. Work the tabs L to R and fill in the blanks with: Description: block 64.233.183.147 Action: block Remote Host-IP address: 64.233.183.147 Ports and Protocols: TCP; remote port 80; both in/out Application: check Opera Use the UP arrow and run this rule up near the top if you have other adv. rules.

Thats it--Opera cannot connect to 64.233.183.147 Casey

The Forticlient is normally an add-on sale for people that have purchased a FortiGate firewall. FortiNet does not sell direct. Hence the info you're after isn't really that available, it's not intended to be sold that way.

You should go to the reseller page and find somebody near you.

for example (US & Canada).

You'll probably find it on the order of $20 or $30 per seat in Quantity 1

You dont' have to install the AV portion if you don't wish to, it's selctable at install time.

-Russ.

That's fine as long as a) he doesn't mind looking up IP's for sites he wants to connect to b) he's willing to ignore other sites hosted at other IP's that are part of the same top level domain c) the site in question uses only one IP to host the top level page d) he understands that when the DNS entry changes his blocks become invalid.

-Russ.

The question asked was answered. If the roof falls in or the power goes out, he won't be able to make a connection either. Casey

Try Jetico Personal Firewall. It's freeware. It let's you block or allow by site or application.

I don't think those two possibilities are as relavent as the fact that most major websites have mulitple IPs, sub pages on other IPs, and change IPs occasionally. He wants to block an entire top level domain, what you described just plain doesn't work for most large ones. It's just not the same thing as blocking a the top level domain itself, which is what he asked for. And unlike the roof falling in or the power going out, the four possiblities I listed will *give* access to that which he intends to block, rather than restrict it further.

-Russ.

It seems that the two possibilities that Casey Klc wrote was more possible than we all thought because ...WE JUST HAD AN EARTHQUAKE HERE OF 6.9 RICHTER!!! (Athens Greece). The earthquake had a very long duration, we almost danced for about 30 seconds and I felt the ground moving 2-3 feet back and forth -and I'm only on the second floor!

Fortunately the roof didnt fall and probably not many damages will be reported because the epicenter was about 215 kilometers far in the sea area in a depth of 70 kilometers -that saved us. So the rattle movements were relatively soft but it was felt in a very long distance

-even in Egypt and Italy!

See

My advice: Go out and buy sweepstakes!

It seems that the two possibilities that Casey Klc wrote was more possible than we all thought because ...WE JUST HAD AN EARTHQUAKE HERE OF 6.9 RICHTER!!! (Athens Greece). The earthquake had a very long duration, we almost danced for about 30 seconds and I felt the ground moving 2-3 feet back and forth -and I'm only on the second floor!

Fortunately the roof didnt fall and probably not many damages will be reported because the epicenter was about 215 kilometers far in the sea area in a depth of 70 kilometers -that saved us. So the rattle movements were relatively soft but it was felt in a very long distance

-even in Egypt and Italy!

See

My advice: Go out and buy sweepstakes!

It seems that the two possibilities that Casey Klc wrote was more possible than we all thought because ...WE JUST HAD AN EARTHQUAKE HERE OF 6.9 RICHTER!!! (Athens Greece). The earthquake had a very long duration, we almost danced for about 30 seconds and I felt the ground moving 2-3 feet back and forth -and I'm only on the second floor!

Fortunately the roof didnt fall and probably not many damages will be reported because the epicenter was about 215 kilometers far in the sea area in a depth of 70 kilometers -that saved us. So the rattle movements were relatively soft but it was felt in a very long distance

-even in Egypt and Italy!

See

My advice: Go out and buy sweepstakes!