Jump to content

How do I block network traffic to the dangerous new TLDs .zip .mov domains


Recommended Posts

Posted

I've searched the help files and the web and found no answer.  And the question does not seem to have come up in forum.kaspersky.com yet.  But I have determined that the generally recommended solutions for companies are to block them in their firewalls.  For us Kaspersky home users, our firewalls are in our Kaspersky products.

Kaspersky officially warns us that the .zip and .mov domains are dangerous to us here:
Beware the .zip and .mov domains!  (May 23, 2023)

But on closer examination of the issue there is no actual way for users to scrutinize these character strings that go to these domains because web browsers, office software, and doubtless other apps, automatically convert strings that end with .zip and .mov in existing documents to URLs.  This greater danger is explained here:
YouTube: Google's Zip Domains Are WORSE Than I Thought | ThioJoe  

Every web page on every forum and every website, including this one, that mentions an example.zip or temp.zip or other zip filename is now going to be converted to a link automatically when viewed by web browsers, office and email software, and various other apps.

So we need to either block our computers from the .zip and .mov TLDs or put up a huge red "Do really want to go to <URL>" warning.  Google won't like that, because it will hurt sales of new .ZIP and .MOV domains they are selling.  But, since Google obviously doesn't care if it makes huge holes in our computer security, who cares what Google wants.  Kaspersky's job is to make our computers secure.  

I'm on the latest Current version of Windows 10 Home (22H2) Version 10.0.19045 Build 19045 (but other people are going to want to know how to do this on Windows 11 and Android).
I'm on Kaspersky Plus 21.13.5.506 (but home and SOHO users are going to want to know how to do this on other Kaspersky products as well).    

Again, I've searched the help files and the web and found no answer.  And the question does not seem to have come up in forum.kaspersky.com yet.  But I have determined that the generally recommended solutions for companies are to block them in their firewalls.  For us Kaspersky home users, our firewalls are in our Kaspersky products.  So how do I do this?

  • Like 1
Posted

Hello @Keith2468, Welcome.

Can you please take a look at this suggestion?


Maybe it will give you a hint to a solution.

  • Like 2
  • 2 weeks later...
Posted

It didn't work.  It didn't even work in my Chrome browser.

Example.zip is a test URL that re-directs to a harmless rick roll video (https://www.youtube.com/watch?v=xvFZjo5PgG0I added the suggested rules to Kaspersky Plus and tested that by typing example.zip into the address bar of my Chrome browser.  Example.zip still takes me to the rick roll video.

So Antibanner did NOT WORK work for me even in the web browers with Kaspersky Protection enabled and the two suggested filters in Antibanner.

image.thumb.jpeg.82b757ff5a0f88a088d79693962f7446.jpeg

 

 

Posted
2 hours ago, Keith2468 said:

Image.thumb.jpeg.82b757ff5a0f88a088d79693962f7446.jpeg

Delete "https://"

 

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...