Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 261
  • Last Modified:

Blocked IP Range in IIS and still getting attacked

I am running 2008 server with IIS 7.0

I have an FTP server running and I am constantly getting nailed by people trying to brute force me.
I went in and created deny rules for a bunch of subnets. However I am still getting people from those IP ranges connecting...why??

For example:
I have a DENY for:
124.0.0.0 with a mask of 255.0.0.0
also tried 124.1.1.1 with a mask 255.0.0.0

I am still seeing IP's trying to brute force from 124.x.x.x

What am I doing wrong? I had the same issue on my 2003 server with IIS 6.0
0
FLVS_407
Asked:
FLVS_407
1 Solution
 
arnoldCommented:
It is better to implement the deny rule on the firewall.
With the deny rule in IIS, the connection is established assessed and dropped.

0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now