Re: BLOCKING IP's
- From: v-chayan@xxxxxxxxxxxxxxxxxxxx ("Charles Yang [MSFT]")
- Date: Wed, 06 Jul 2005 08:16:29 GMT
Hi Nick,
Welcome to SBS newsgroup.
According to your description, it seems you want to stop the anonymous
attack from the internet. If I am off base, please let me know.
Generally speaking, in order to prevent the attempts from that IP address
(or a subnet), we can block the IP address (or subnet) on your firewall.
You can refer to the following section for my suggestions:
Method 1: Hardware firewall
If your network is behind a hardware firewall, you can block it on the
hardware firewall (depending on the hardware). You can contact with the
hardware vendor for further assistance about this issue.
Method 2: RRAS basic firewall
If you choose SBS 2003 Standard, you can use RRAS Basic Firewall feature to
block this. Please refer to the following for detailed steps:
1. Start->Program->Administrator tools->Routing and Remote Access
2. Expand to the server node, in the IP routing node, click the NAT/Basic
firewall.
3. In the right pane of the windows, right click Network connections.
4. In the NAT/Basic firewall tab, click Inbound filter.
5. Choose Receive all packets except the those that meet the criteria
below, then enter the IP address you want to block.
Method 3: ISA server firewall
If you are using SBS 2003 Premium, you can use ISA server to block this
(recommended as ISA provides Enterprise level security). In ISA server,
packet filter is used to filter all the connections to/from the ISA
server's external NIC and block/allow these connections. Protocol
rules/Site and content rules are used to control internal client outgoing
access permissions. You can refer to the following steps for detailed
information:
1. Open ISA server management and expand server node, then navigate to
access policy. Right click the "IP packet filter"
2. Create a packet filter as following example:
Enabled : True
Filter Mode : Deny
Protocol : TCP
Direction : Inbound and Outbound
Local Port: Any Port
Remote Port : Any Port
Local Computer Filter Applies to : Default External IP
Remote Computer Filter Applies to : 222.222.222.222
3. Reproduce the steps to all the IP address.
More info:
Packet filtering
http://www.microsoft.com/resources/documentation/isa/2000/enterprise/proddoc
s/en-us/isadocs/cmt_pfintro.mspx
Access policy rules
http://www.microsoft.com/resources/documentation/isa/2000/enterprise/proddoc
s/en-us/isadocs/cmt_accesspolicy.mspx
Hope the above information helpful, if you have any further concerns,
please let me know. I am glad to be any further updates.
Best regards,
Charles Yang (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
.
- Follow-Ups:
- Re: BLOCKING IP's
- From: Nick Hard
- Re: BLOCKING IP's
- References:
- BLOCKING IP's
- From: Nick Hard
- Re: BLOCKING IP's
- From: Nick Hard
- Re: BLOCKING IP's
- From: M. Hayes
- BLOCKING IP's
- Prev by Date: Re: 2003 SP1 Installation Problems - HELP!!!
- Next by Date: RE: email and email forwarding
- Previous by thread: Re: BLOCKING IP's
- Next by thread: Re: BLOCKING IP's
- Index(es):
Relevant Pages
|
Loading
