Cannot block site viooz.co

Reply
MemphisBrothers
L3 Networker

Cannot block site viooz.co

This is an illegal movie site that shows anything even stolen movies for free.   The IP address is 5.199.170.104  I have tried blocking the site name, the ip.  Nothing works.  It's almost like the site is an anonymizer itself.  I would love any help at all.  I need to totally block this site from our network.

I have redundant PA-500s. 


Accepted Solutions
MemphisBrothers
L3 Networker

Dude, really.  You don't think I have tried that?  It does not work.  I did find a clever way to stop it.

Go to Objects -> Regions. Add a new one and name it whatever (I called it Viooz_Lithuania for testing). Put 5.199.170.104 as the IP address for the region.

Then, go to Policies -> Security and create a new security policy. I named it Block_Viooz. The rule looks like this:

Source Zone: Trust (LAN)
Source Address: Any
Source User: Any
HIP Profile: Any

Destination Zone: Untrust (ISP)
Destination Address: choose the Region you created (Viooz_Lithuania for me)
Destination Application: Any
Destination Service: Any

Action: Deny
Profile: None

I set this rule near the top of the list, and then when trying to browse to http://viooz.co, I got page cannot be displayed, and a Deny entry logged in my Traffic Log.

View solution in original post


All Replies
MemphisBrothers
L3 Networker

Brightcloud has it as an entertainment category.  It should also be streaming media and illegal.  I have requested a change. 

zarina
L5 Sessionator

You can add it to the URL block list:

viooz.co/

*.viooz.co/*

and apply this profile to the security policy.

MemphisBrothers
L3 Networker

Dude, really.  You don't think I have tried that?  It does not work.  I did find a clever way to stop it.

Go to Objects -> Regions. Add a new one and name it whatever (I called it Viooz_Lithuania for testing). Put 5.199.170.104 as the IP address for the region.

Then, go to Policies -> Security and create a new security policy. I named it Block_Viooz. The rule looks like this:

Source Zone: Trust (LAN)
Source Address: Any
Source User: Any
HIP Profile: Any

Destination Zone: Untrust (ISP)
Destination Address: choose the Region you created (Viooz_Lithuania for me)
Destination Application: Any
Destination Service: Any

Action: Deny
Profile: None

I set this rule near the top of the list, and then when trying to browse to http://viooz.co, I got page cannot be displayed, and a Deny entry logged in my Traffic Log.

View solution in original post

zarina
L5 Sessionator

Using URL block list will work too. I tested this in the lab and works fine.

MemphisBrothers
L3 Networker

All due respect to you, it may work in your lab.  But that is the first way we tested it in our real world environment and it did not stop students from accessing the site.  All recommendations are appreciated. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!