can't block a single IP from connecting

so this began a few weeks ago. Trillian started connecting to this IP “205.234.175.175” and it just destroys my connection speed (26.4k). I’ve been discussing this with a friend of mine and apparently it is “vip1.G-anycast1.cachefly.net” which is used for distributing software updates (which is essentially what this same IP was described as doing in another topic on here he linked me to).

but my question is, how do I block this specific IP? I have it blocked in my firewall settings but it still connects without problem. and I really would like to not have to open up my active connections every day I log in to kill it.

Where did you block it in the firewall?

You should be able to go to Firewall → Network Security Policy → Blocked Zones, then click Add and select A New Blocked Address. Add the IP and it shouldn’t be able to connect.

gah. it never occurred to me to look there. not sure why. at any rate, much thanks. I will try this and hopefully have this problem resolved once and for all

I had the same problem. I hope we can get a straight answer as to why we can’t block by creating an application/global rule. ???

vip1 is listed by many virus and f/w software vendors as an exploit… and for some idiotic reason they allow it to pass thru… and prevent it from being blocked…

i was hopeing comodo would be diffrent and actually seek to protect it’s users from such threats…

i have and continue to add known vip1 and cachefly ip’s to the block lists in comodo.

I attempted to block it at the router… and it hijacked the dns servers, and blocked access to any dns server. and the internet… It may even be installed on isp’s servers… i wonder if this has anything to do with the buying up of communications services…by security corps and DOHS… :cry:

this exploit was known to me about 3 years ago, and has since evolved drastically… i have reason to believe it can be used to remote connect,remote shut down, buffer overflow,modify system voltages, install hidden aps, modify files and registries… hijack browsers, routers, installs… voip, sms… the list continues to grow. :o

comodo effectively blocked and removed it’s files when i first started using it. vip1 authors and supporters may have figured out ways around it… or comodo has jumped on the bandwagon and allowed exploits, instead of treating it as a critical threat,virus or trojan.

Since this is a remote exploit and can change constantly without user interaction…AI may be apart of it… these kinds of exploits will need a more advanced methods of protections that client side software may not be able to protect effectively…or a pc user will not be able to adapt to without assitance…

we need your help here comodo!

Could you be more specific what programs do detect it and what programs don’t?

i was hopeing Comodo would be diffrent and actually seek to protect it's users from such threats..
Not following. You can block the used IP addresses. Do you have proof this malware circumvents the CIS protection? Please let us know. Comodo is always interested in those things.
i have and continue to add known vip1 and cachefly ip's to the block lists in Comodo.
See the above.
I attempted to block it at the router.. and it hijacked the dns servers, and blocked access to any dns server. and the internet.. It may even be installed on isp's servers..
Can you corroborate?
i wonder if this has anything to do with the buying up of communications services...by security corps and DOHS... :'(
Can you corroborate?
this exploit was known to me about 3 years ago, and has since evolved drastically.. i have reason to believe it can be used to remote connect,remote shut down, buffer overflow,modify system voltages, install hidden aps, modify files and registries.. hijack browsers, routers, installs.. voip, sms.. the list continues to grow. :o
Where can we read more about this?
Comodo effectively blocked and removed it's files when i first started using it. vip1 authors and supporters may have figured out ways around it.. or Comodo has jumped on the bandwagon and allowed exploits, instead of treating it as a critical threat,virus or trojan.
Calls for speculation. I would like to see some proof.
Since this is a remote exploit and can change constantly without user interaction..AI may be apart of it.. these kinds of exploits will need a more advanced methods of protections that client side software may not be able to protect effectively..or a pc user will not be able to adapt to without assitance..
I understand your worries but would like to see some solid information corroboration your story.