We will use Socket Sentinel Pro to set a pre-defined list of blacklisted TLDs to block domains. With this method we can block TLDs mostly used by web exploit kits, such as .co.cc, .co.nz and others, or we can simply block the user to visit websites with specific TLDs.

NoVirusThanks Socket Sentinel Pro is an advanced, yet user-friendly, bi-directional TCP traffic filtering software application which allows you to add custom RegEx (Regular Expression) filters. Presets for filtering include: HTTP header information, POST and GET data, Domain Names or even filter for *ANY* data passed over any connection. Read more…

1) Add blacklisted TLDs

Open Socket Sentinel Pro and browse to:

Rules -> TLDs

There is a list of TLDs that are blacklisted, and so that will be blocked. To add a new TLD to be blocked, right-click with the mouse and click on the “Add” button.

2) Testing

Now we can test Socket Sentinel Pro, we will try to visit a website infected with an exploit kit that has a TLD present in our blacklisted list of TLDs:

Result is as expected, the website has been blocked, see also Events TAB:

Read more about Socket Sentinel Pro.

Posted by admin on Wednesday, January 11th, 2012 at 8:05 pm and filed under Security News with tags block .co.cc, block .co.nz, block website by TLD, block websites, website blocker. You can skip to the end and leave a response. Pinging is currently not allowed.