Controlling IIS IP Filtering Settings from ASP.Net

I need to block an IP / IP Range for a specific Virtual directory in IIS.
While I can do this using IIS' built-in IP filtering feature, I find that it's basically a manual option.
I fancy doing the same using ASP.Net when my web application detects more than three failed attempts from the same IP,
I would like to have my application add the IP to IIS' filter list effectively blocking the user from accessing the application.

Ideas on:

1. Detecting multiple failed login attempts from the same IP / IP range
2. Accessing IIS IP filter list to deny access to resource
3. After a timeout, I might also need to "unblock" the IP / IP range

would be a great help.  Thanks in advance
LVL 2
v_bharghavaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dnojcdCommented:
If you are good in programming with .net  use System.Diagnostics Namespace class library which contains the Eventlog components to read the event log and log the ip which fails for three time contiuosly and block it.-

Also check this article to know abt brute force attacks
http://www.codeguru.com/csharp/.net/net_security/authentication/article.php/c7907/#more
0
TheMegaLoserCommented:
I noticed that MSDN is probably protected to subscribers. See the following link instead:

http://www.codeproject.com/csharp/iiswmi.asp
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

agiampyCommented:
"I fancy doing the same using ASP.Net when my web application detects more than three failed attempts from the same IP"

What's meaning? Do you control this through db?
0
v_bharghavaAuthor Commented:
TML has pointed out nicely to what I wanted to accomplish in bullet 2.
agiampy, that could be one of the approaches for accomplishing bullet 1 & 3.
Since I need to detect failed attempts from the IP, I may have to store all failed attempts somewhere.  
Eventlog approach suggested by "dnojcd" might not be appropriate here.  Database is a natural choice.  But what would the architecture of such a program would be?  Would it be a demon implemented as a Windows Service or a hread spwaned on Application_Start that iterates through the list of blocked IPs and according to the elapsed time unblocks blocked IP addresses?
0
TheMegaLoserCommented:
#1, How is the login performed? Are you using forms login or integrated windows authentication ? If you're using forms you can easily write to a database in your own code.

#3 can be solved by writing a small program that checks and clears the list. Then you just schedule it to run every hour.
0
agiampyCommented:
Hi,
#1 You shuold use servervariables to detect what's the remote IP and verify if this IP has been failed the logon
#2 If it has been failed, you should add this to a table (BlackList) and save also date/time of failed logon
#3 When a remote user shuld be attempt to access your site, you just verify what is the IP (Request.ServerVariables("Remote_Addr")) and search it in the tabel BlackList. IF it is in table, verify the date/time, and delete the IP if "unblock" state. After this, repeat the #1.
 
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Development

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.