Block a local IP address from XP Firewall

Posted on 2005-04-21
Last Modified: 2013-12-04
Is it possible, on a computer running Windows XP SP2, to block all incoming traffic coming from an IP address on my local network,  using Windows XP SP2 Firewall ? I can't see any options relating to blocking IP addresses in XP's firewall, only ports and programs.
Or could I use something else, like Restricted Zones defined in IE, or any other builtin Windows tool ?

Question by:ndidomenico
    LVL 8

    Expert Comment

    by:nader alkahtani

    Author Comment

    I want to block ALL traffic coming from ONE specific IP address, not only Ping (icmp)
    This link seems to relate only to blocking icmp traffic. I will read through it in case I'm missing something...

    LVL 6

    Expert Comment

    LVL 38

    Accepted Solution

    XP's firewall is not capable of this, it is stateful only, and not able to be configured to block ip's, but can only block based on port's and protocols only.

    IPSEC firewalls are not great either, if you bind your source port to port 88 or 500, you bypass ipsec firewalls. In 2003 they have added the ablity to disable this "function" of by-pass, if you bind to port  500/tcp    isakmp
    you can still by-pass the ipsec-

    If you were to use XP's firewall, it would be able to keep everyone out, but it would not allow certain exceptions, so if you open a port like 445, you have no say over who can and can't access that port. Now windows IPSEC is much more configurable, and binding your source port to port 500 is not something a novice, and sometimes an experienced person will attempt. I'd suggest using both in conjunction, open just what you need through the xp firewall, and use IPSEC to further lock down who can an can't access your pc. It's probably overall to buy or DL a program that does all this on it's own, ZoneAlarmPro get's my vote.

    Author Comment

    Thanks for the info. I'll then probably go with a software firewall solution as suggested. I was initially thinking about using Sygate personal firewall or Kerio.

    LVL 38

    Expert Comment

    by:Rich Rumble
    Both good choices from what I hear.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
    Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now