Jump to content


Photo

How to block IP address (NOT URL or UNC name)?


  • Please log in to reply
6 replies to this topic

#1 DS3Circuit

DS3Circuit

    old hand

  • Members
  • 739 posts

Posted 12 January 2003 - 07:27 AM

Interesting ....


A first thought I am thinking of modifying local ARP tables.

APK you got me into doing a GOOGLE on this one.

**EDIT**

Wouldnt it be easier just to mail you a PIX firewall laugh

**EDIT2**

Scratch the ARP notion .... was hoping mapping a particular IP to the local NIC MAC would work ....

#2 Jerry Atrik

Jerry Atrik

    addict

  • Members
  • 694 posts

Posted 12 January 2003 - 06:30 PM

in xp u can learn the firewall stuff
it's long and painfull but works quite well

ipsec policies can be reached from the gpedit.msc
the are tons of things u can do from there.
after creating or altering apolicy dont forget to "assign" it
or nothing will happen

#3 DS3Circuit

DS3Circuit

    old hand

  • Members
  • 739 posts

Posted 12 January 2003 - 09:24 PM

A tutorial on blocking direct IP internet access through windows

http://www.pacificne...route_intro.htm

Is this what you wanted?

#4 DS3Circuit

DS3Circuit

    old hand

  • Members
  • 739 posts

Posted 13 January 2003 - 03:40 AM

Very Nice Jerry, that idea of using IPsec policies works .... and here's how you do it laugh

I will be using nd.edu as an example ... its a football thing laugh

Under Local Security Settings / IP Security Policies
1. Create a new IP Filter list
2. Source IP is My IP address
3. Destination (in this example) is 129.74.250.101 (nd.edu)
4. Protocol is any
5. Create a new IP Security Policy (use Kerberos 5 authentication)
6. Add an IP Security Rule (this rule is not a tunnel) (all network connections)
7. Add the new IP filter list that you just created. (require security)
8. Assign the new policy

Upon doing this I CAN go to http://www.nd.edu but I CANNOT go to http://129.74.250.101

Scripting can be done with this tool:
http://www.microsoft.../ipsecpol-o.asp

I imagine this is what you were looking for APK?

#5 DS3Circuit

DS3Circuit

    old hand

  • Members
  • 739 posts

Posted 13 January 2003 - 04:10 AM

Good glad to hear boss, and of course, feel free to add my name in lights anywhere you wish laugh

#6 Jerry Atrik

Jerry Atrik

    addict

  • Members
  • 694 posts

Posted 13 January 2003 - 05:21 AM

thnx
the xp firewall is very good but a pain to configure (as u can see)

it looks like it worked out well

maybe dosfreak or someone can tell us how to automate or even save for the next install of xp
:x

btw this is what i did for a firewall before norton made an xp compatible one
laugh

#7 DS3Circuit

DS3Circuit

    old hand

  • Members
  • 739 posts

Posted 13 January 2003 - 05:34 AM

Importing and Exporting Policies is seen here to save for a rainy day

http://www.microsoft...PSEC_export.asp

And if you truly wished to have these installed automatically on the initial install of windows, you could use CMDLINES.TXT

These are far easier to maintain, manage, and deploy in a domain environment

*EDIT*
LOL .... APK was typing the answers at the same time I was ... woah




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

IPB Skin By Virteq