Re: Block an IP Address from all server connections

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Cisco Pix or ASA 5505 a good choice too.

--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2008
Microsoft Certified Partner


"Quilnux" <Quilnux@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8BAC8FC2-1B32-452B-8427-0FD7C9EF6711@xxxxxxxxxxxxxxxx
Thanks. I'll check it out.

"Lanwench [MVP - Exchange]" wrote:

Quilnux <Quilnux@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I see. Hopefully we can get a better firewall soon. Any firewalls you
can suggest?

I'm a big fan of SonicWALLs - good bang for the buck.
Whatever you get, tho, make sure you keep your maintenance current. I buy
2yr maintenance contracts with all new Sonicwalls and make sure they stay
renewed. Watchguard, etc., have similar.


"Lanwench [MVP - Exchange]" wrote:

Quilnux <Quilnux@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Hello,

I woke up this morning with a server report in my inbox. Under
security, there is a failed user attempt on the administrator
account. The user was trying to break through IIS. Next the user
tried the same from Exchange and then our FTP Service. The same user
did this yesturday. I know I can block an IP Address from IIS, FTP
and Exchange but I was wondering if there is a way to block the IP
address from just one menu, and it block the connection to all
services. I know it's only three services but, really this is
happening alot lately and it's just quicker if I can just do it at
one location. No, our firewall does not support blocking an ip
address. This must be done at the server level.

Thanks for any help.

No - you really need to get a better firewall (esp if you have no
ISA!). You would never do stuff like this on the server itself.






.

Relevant Pages

  • Re: Unable to Receive Email from the internet
    ... Are you running this on Longhorn server? ... Test from outside your firewall: ... Exchange Server 2007: internet email without Edge ... looking at the firewall inbound rules on my LHS. ...
    (microsoft.public.exchange.setup)
  • Re: Open ports?
    ... You can't install Exchange without IIS. ... This server isn't going to be as secure as possible. ... >>> However, if this is your domain controller, putting a firewall between ...
    (microsoft.public.win2000.security)
  • Re: OMA?
    ... You would need to open up port 80 to the Exchange server only. ... > would I have to open up port 80 on my firewall, ...
    (microsoft.public.exchange.connectivity)
  • Re: SBS2008 - Exchange 2007 + Connection Control
    ... But then why not do it in Exchange if the facility is there to do ... but the fact that you can't do this in your firewall should ... Microsoft Exchange> Server Configuration> Hub Transport> ... Currently this would appear by default to permit connections ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS2008 - Exchange 2007 + Connection Control
    ... But then why not do it in Exchange if the facility is there to do it? ... as it will make troubleshooting a huge PITA. ... but the fact that you can't do this in your firewall should be ... Microsoft Exchange> Server Configuration> Hub Transport> ...
    (microsoft.public.windows.server.sbs)