hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
Full Version: Blocking An Ip
GovernmentSecurity.org > System Security > Windows Systems
Ahmeket
Jul 6 2005, 04:43 PM
I have access to a server running windows2000 through SSH. What I was wondering was if there is any command line program that blocks certain IPs you want, or are we forced to install radmin or that kind to manage a blocklist through something with a gui.
FiNaLBeTa
Jul 6 2005, 05:59 PM
You are looking for a stateless firewall. But after some googling I didn't find a command line one for you.

Have fun searching.
Ahmeket
Jul 6 2005, 09:08 PM
I maintain a few linux servers and they all come with iptables, I can't believe it's so damn hard for MS to make a system that's easily remotely administrated... *sigh* mad.gif
dieter
Jul 7 2005, 05:36 AM
Maybe the "netsh" command is what you're looking for ?

regards,
Dieter
Ahmeket
Jul 7 2005, 08:16 AM
It looks promising Dieter, but I read the documentation on it on M$ several times without getting much smarter, I'm just looking for much the same function you get in Linux when using iptables to block a host.
dieter
Jul 7 2005, 08:31 AM
Hi Ahmeket,

What about this page: hxxp://emea.windowsitpro.com/Articles/Print.cfm?ArticleID=41571

tip: Google for "netsh ipsec filter"

You can easily filter things with ipsec filters on W2K servers (pre-windows firewall...)

regards,
Dieter
mickz
Jul 7 2005, 08:36 AM
You would have thought the new windows firewall in XP SP2 would have had some sort of an IP blocking utility, but as far as I can see it doesn't.

If you can invest in a firewall, such as Norton, which has parental controls, you can type in an IP address into the Block Address field, and then you shouldn't be able to connect to that address.
belgther
Jul 7 2005, 08:43 AM
Network settings have an IP filtering option.
Killaloop
Jul 7 2005, 09:59 AM
dieter is right, but netsh is only aviable for windows 2003 servers.
in your case of a windows 2000 machine you need to download IPSecPol and look up the syntax for it.
for windows xp you would need IPSecCmd which has the same syntax (mostly).
ipsecpol can be downloaded from http://www.microsoft.com/windows2000/techi.../ipsecpol-o.asp
while ipseccmd can be found on the windows xp cd.
Ovid
Jul 7 2005, 09:11 PM
I believe this is what you want:

http://online.securityfocus.com/infocus/1559

There's an example with a batch file that blocks all IP addresses except a certain few.
I haven't looked too closely, but I'm sure you could use it to block a specific IP address from a WinXP/Win2k command-line.
dieter
Jul 10 2005, 09:32 AM
Hi Ovid,

That was where I was going to with my posts ;-))

grtz,
Dieter
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.