Results 1 to 4 of 4

Thread: Blocking IP Addresses

  1. #1
    avecchio Guest

    Default Blocking IP Addresses

    I am running ZoneAlarm Free version 7.0.408. I would like to block IP adrresses. When I read the ZoneAlarm manual it tells me to:

    1. Select Firewall|Zones.
    2. Click Add, then select IP address from the shortcut menu.
    The Add IP Address dialog appears.
    3. Select Blocked from the Zone drop-down list.
    4. Type the IP address and a description in the boxes provided, then click OK.

    Unfortunately, the only option I have in the drop-down list is "Trusted".

    Can I block IP addresses using the free version?


    Operating System:Windows XP Pro
    Software Version:7.0
    Product Name:ZoneAlarm (Free)

  2. #2
    watcher Guest

    Default Re: Blocking IP Addresses

    Dear avecchio:

    Evidently not, as I use ZAPRO and have both Trusted and Blocked as options. Do you have an Expert tab in the Firewall panel? If you do, you can create expert firewall rules to block IP ranges of malicious sites. Also, do you have an Alerts and Logs panel? If so, you can click on an entry, then click the More Info button, and the online SmartDefense Advisor, under the Hacker ID tab, will give the name and IP range of the site which you then use to create the expert firewall rule.

    Hope this helps.


  3. #3
    avecchio Guest

    Default Re: Blocking IP Addresses

    Thanks for the response. I only have 2 tabs in the Firewall panel; Main & Zones. There is no Expert tab. The Main panel allows you to set Internet and Trusted Zone Security for Off to High. It also has an Advanced button which allows me to check off:

    - Block Trusted Zone servers
    - Block Internet Zone servers
    - Allow uncommon protocols at high security
    - Allow Outgoing DSN/DHCP in Trusted Zone on High setting
    - Allow Outgoing DSN/DHCP in Internet Zone on High setting
    - Lock host file
    - Disable Windows Firewall
    - Filter IP traffic over 1394

    The last 2 are checked.

    The Zones panel just has Add, Edit and Remove buttons. When you go to Add or Edit, the only option for Zone is Trusted ( their is no option for Block).

    Here is what I am really interested in doing: My teenage son has his own computer and downloads all kinds of stuff from the internet. While it would be annoying to have his computer infected, it would be a disaster if a virus found its way over our LAN to my and my wife's computers. I would like to like to maintain connectivity between my wife's and my computers but block his computer from access.

    Any ideas would be appreciated.


  4. #4
    watcher Guest

    Default Re: Blocking IP Addresses

    Dear avecchio:

    Assuming you don't want to buy ZAPRO to block it at your network perimeter using the firewall, you can use the HOSTS file to block websites. First, though, uncheck the option, Lock hosts file, in the Advanced Settings dialog box, which is displayed by clicking the Firewall panel, Main tab, and clicking the Advanced button. This allows you to edit the HOSTS file and save the changes. Be sure afterwards that you check this feature again to prevent others from editing this file. Also, some antispyware utilities by default will alert/block you when trying to change this file so be sure to allow it.

    The HOSTS file is located in C:\WINDOWS\system32\ drivers\ etc. Open it using Notepad and you will see a single entry: localhost

    You can add to this any website you want to block or add static IP addresses for specific websites to avoid DNS lookups. It makes the Internet faster when viewing specific websites listed here but the downside is that if the IP address for the website changes, and they do, you won't be able to connect to that site. The syntax for adding websites is:

    IP Address Hostname(URL) Alias

    To block a website, try this example: Block Test

    Save the file with the change. You will no longer be able to connect to Yahoo any more. That's because your browser looks to the HOSTS file first before going to a DNS server that most ISPs provide. Remove the entry, save the file, and you will have access again.

    To add a static IP address for a website, which is not recommended unless you use a small number of websites regularly and want faster speed in connecting to them,
    click Start, Run, type CMD, then click OK. In the DOS window that appears, type:


    and the following IP address will display for Yahoo:

    which you can now use for faster access to this website by typing the following in the HOSTS file: Static IP Entry

    Note, you do not need to use an Alias which is usually a short explanation as to why you are adding this entry. Also, I use 3 spaces between IP Address, Hostname, and Alias but you can use more but be sure all 3 fields are on the same line. In addition, there are websites out there that post a list of bad websites for use in a HOSTS file. You can download these lists and copy and paste them into your HOSTS file for content filtering. The school that I attended did this. However, the downside to this is that if kids learn about this file, and look at the websites listed there, they now have a list of some of the worst pornographic and malicious websites out there and can delete the entry(ies) to view them. You only need look at the names of some of these websites to know they are bad.

    Hope this helps.


Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts