Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 264
  • Last Modified:

Blocking IPs in Windows 2003 using scripting

My ftp server has been under a dictionary attack for the past few days. I need to know if windows is able to simply stop responding to packets recieved from a certain IP address. I have a firewall and I could always just add the IPs to that but I'd prefer to be able to do it in windows because then I can write a script to automatically "ban" IPs from my server. Anyone have any suggestions?
0
CyrexCore2k
Asked:
CyrexCore2k
1 Solution
 
benabCommented:
Hi CyrexCore2k,
I don't know of a way to do it with the Windows 2003 FTP server.  You might consider finding another FTP server.

Here are two well known FTP servers.  I strongly suggest you use a secure FTP server if possible.

Cute FTP
http://www.cuteftp.com/gsftps/features.asp

Titan FTP
http://www.webdrive.com/products/titanftp/features.html


Good luck,
Ben
0
 
r-kCommented:
In IIS Manager, right-click on your FTP site, select "Properties" then "Directory Security", and you can use the "Add" button to add offending IP's to the list there which are denied access.
0
 
bbaoIT ConsultantCommented:
> I can write a script to automatically "ban" IPs from my server.

just add ROUTE commands in your scripts. for more information, please see another post of mine which describes how to do it in detail.

http://www.experts-exchange.com/Networking/WinNT_Networking/Q_21913915.html

hope it helps,
bbao
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
CyrexCore2kAuthor Commented:
Oh wow that's exactly what I needed. Just do you have any idea how to get scripts to run commands?
0
 
CyrexCore2kAuthor Commented:
And also I don't want to permanently deny these IPs access since I figure these probably aren't static IPs... what's the command to remove the route when I'm done with it?
0
 
bbaoIT ConsultantCommented:
i'd suggest you learning the full syntax of ROUTE command by simply giving a "ROUTE /?" (no quotation marks) at command prompt. anyway i give two simple demo bath files here just for your reference:

BLOCK.BAT
--------------------
goto %1
@ECHO Usage: BLOCK net_id
goto quit

:1
@ECHO to block 10.10.1.0 ~ 10.10.1.255 (192.168.0.253 is a non-existing IP)
ROUTE ADD 10.10.1.0 MASK 255.255.255.0 192.168.0.253
goto quit

:2
@ECHO to block 10.10.2.0 ~ 10.10.2.15 (192.168.0.253 is a non-existing IP)
ROUTE ADD 10.10.2.0 MASK 255.255.255.240 192.168.0.253
goto quit

:quit
--------------------

UNBLOCK.BAT
--------------------
goto %1
@ECHO Usage: UNBLOCK net_id
goto quit

:1
@ECHO to unblock 10.10.1.0 ~ 10.10.1.255
ROUTE DELETE 10.10.1.0 MASK 255.255.255.0
goto quit

:2
@ECHO to unblock 10.10.2.0 ~ 10.10.2.15
ROUTE DELETE 10.10.2.0 MASK 255.255.255.240
goto quit

:quit
--------------------
0
 
CyrexCore2kAuthor Commented:
I'm sorry I meant vbs windows scripts. =x I was wondering how you execute commands from those.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now