Compatible Support Forums: How to block IP address (NOT URL or UNC name)?

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

How to block IP address (NOT URL or UNC name)?

#1 User is offline   DS3Circuit 

  • old hand
  • Group: Members
  • Posts: 739
  • Joined: 11-December 02

Posted 12 January 2003 - 07:27 AM

Interesting ....


A first thought I am thinking of modifying local ARP tables.

APK you got me into doing a GOOGLE on this one.

**EDIT**

Wouldnt it be easier just to mail you a PIX firewall laugh

**EDIT2**

Scratch the ARP notion .... was hoping mapping a particular IP to the local NIC MAC would work ....
0

#2 User is offline   Jerry Atrik 

  • addict
  • Group: Members
  • Posts: 694
  • Joined: 10-June 02

Posted 12 January 2003 - 06:30 PM

in xp u can learn the firewall stuff
it's long and painfull but works quite well

ipsec policies can be reached from the gpedit.msc
the are tons of things u can do from there.
after creating or altering apolicy dont forget to "assign" it
or nothing will happen
0

#3 User is offline   DS3Circuit 

  • old hand
  • Group: Members
  • Posts: 739
  • Joined: 11-December 02

Posted 12 January 2003 - 09:24 PM

A tutorial on blocking direct IP internet access through windows

http://www.pacificnet.net/~bbruce/route_intro.htm

Is this what you wanted?
0

#4 User is offline   DS3Circuit 

  • old hand
  • Group: Members
  • Posts: 739
  • Joined: 11-December 02

Posted 13 January 2003 - 03:40 AM

Very Nice Jerry, that idea of using IPsec policies works .... and here's how you do it laugh

I will be using nd.edu as an example ... its a football thing laugh

Under Local Security Settings / IP Security Policies
1. Create a new IP Filter list
2. Source IP is My IP address
3. Destination (in this example) is 129.74.250.101 (nd.edu)
4. Protocol is any
5. Create a new IP Security Policy (use Kerberos 5 authentication)
6. Add an IP Security Rule (this rule is not a tunnel) (all network connections)
7. Add the new IP filter list that you just created. (require security)
8. Assign the new policy

Upon doing this I CAN go to http://www.nd.edu but I CANNOT go to http://129.74.250.101

Scripting can be done with this tool:
http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/ipsecpol-o.asp

I imagine this is what you were looking for APK?
0

#5 User is offline   DS3Circuit 

  • old hand
  • Group: Members
  • Posts: 739
  • Joined: 11-December 02

Posted 13 January 2003 - 04:10 AM

Good glad to hear boss, and of course, feel free to add my name in lights anywhere you wish laugh
0

#6 User is offline   Jerry Atrik 

  • addict
  • Group: Members
  • Posts: 694
  • Joined: 10-June 02

Posted 13 January 2003 - 05:21 AM

thnx
the xp firewall is very good but a pain to configure (as u can see)

it looks like it worked out well

maybe dosfreak or someone can tell us how to automate or even save for the next install of xp
:x

btw this is what i did for a firewall before norton made an xp compatible one
laugh
0

#7 User is offline   DS3Circuit 

  • old hand
  • Group: Members
  • Posts: 739
  • Joined: 11-December 02

Posted 13 January 2003 - 05:34 AM

Importing and Exporting Policies is seen here to save for a rainy day

http://www.microsoft.com/technet/treevie...PSEC_export.asp

And if you truly wished to have these installed automatically on the initial install of windows, you could use CMDLINES.TXT

These are far easier to maintain, manage, and deploy in a domain environment

*EDIT*
LOL .... APK was typing the answers at the same time I was ... woah
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users