Portal Home > Knowledgebase > Articles Database > Block IP addresses with IPSECCMD
Block IP addresses with IPSECCMD
Posted by medeek, 05-25-2010, 12:47 AM |
I've recently noticed that my DNS windows server (2003)is constantly being hammered by ip addresses usually originating from Russia. I've manually resorted to using ipseccmd.exe and entering blocking rules with a bat file:
ipseccmd -f [212.192.255.0/255.255.255.0=*]
My question how well does this work, is there a better way to go about blocking specific ip addresses or blocks. Windows firewall that comes installed on Windows Server 2003 is pretty much inadequate. Any suggestions or comments would be greatly appreciated.
|
Posted by Hillockhosting, 05-25-2010, 01:11 AM |
sbin/routeadd -host ipaddress --reject
Use the above command to block the IP address.
|
Posted by Woooo, 05-25-2010, 01:17 AM |
it seems hes on windows
|
Posted by jackpx, 05-25-2010, 07:20 AM |
http://www.bleedinedge.com/forum/sho...cPol-for-Win2k
http://support.microsoft.com/kb/908472/
Last edited by jackpx; 05-25-2010 at 07:23 AM.
|
Posted by server prodigy, 05-25-2010, 07:33 AM |
This isn't the typical "windoze sucks" type of response because in all honesty I couldn't care less what OS other people use -but-
You really should consider placing a Linux firewall server at the border of your network.
There are numerous free Linux distributions which are specialized for firewalls and the typical windows vulnerabilities these hackers are looking for just won't be there.
Running a first layer defense on a windows box is better than nothing but it's really just not what the OS is good at. Even a small or outdated computer can run a very solid and well performing firewall with the advantage of protecting your entire network from one place.
|
Add to Favourites Print this Article
Also Read