How to block IP address (NOT URL or UNC name)?
Posted 12 January 2003 - 07:27 AM
A first thought I am thinking of modifying local ARP tables.
APK you got me into doing a GOOGLE on this one.
Wouldnt it be easier just to mail you a PIX firewall
Scratch the ARP notion .... was hoping mapping a particular IP to the local NIC MAC would work ....
Posted 12 January 2003 - 06:30 PM
it's long and painfull but works quite well
ipsec policies can be reached from the gpedit.msc
the are tons of things u can do from there.
after creating or altering apolicy dont forget to "assign" it
or nothing will happen
Posted 13 January 2003 - 03:40 AM
I will be using nd.edu as an example ... its a football thing
Under Local Security Settings / IP Security Policies
1. Create a new IP Filter list
2. Source IP is My IP address
3. Destination (in this example) is 18.104.22.168 (nd.edu)
4. Protocol is any
5. Create a new IP Security Policy (use Kerberos 5 authentication)
6. Add an IP Security Rule (this rule is not a tunnel) (all network connections)
7. Add the new IP filter list that you just created. (require security)
8. Assign the new policy
Upon doing this I CAN go to http://www.nd.edu but I CANNOT go to http://22.214.171.124
Scripting can be done with this tool:
I imagine this is what you were looking for APK?
Posted 13 January 2003 - 05:21 AM
the xp firewall is very good but a pain to configure (as u can see)
it looks like it worked out well
maybe dosfreak or someone can tell us how to automate or even save for the next install of xp
btw this is what i did for a firewall before norton made an xp compatible one
Posted 13 January 2003 - 05:34 AM
And if you truly wished to have these installed automatically on the initial install of windows, you could use CMDLINES.TXT
These are far easier to maintain, manage, and deploy in a domain environment
LOL .... APK was typing the answers at the same time I was ... woah