Solved

Block IP address on Windows 2012

Posted on 2014-10-14
Last Modified: 2014-10-16
How to block some IP addresses from accessing FS01? Is there any screen dump / example for reference?

Tks
0
Question by:AXISHK
 
LVL 61

Expert Comment

by:btan
ID: 40381465
Maybe use the Windows Firewall with Advanced Security (I suppose FS01 is another Win2012 federated server's hostname): https://support.gearhost.com/hc/en-us/articles/200341715-Block-IP-address-with-Windows-Firewall-2008-2012

If you are looking at an ADFS proxy server, you can see more of the FW settings required for the SSL comms:
http://blogs.technet.com/b/askds/archive/2012/01/05/understanding-the-ad-fs-2-0-proxy.aspx
0
 

Author Comment

by:AXISHK
ID: 40381596
FS01 is just our Windows 2012 file server name - not a Windows federated server. So, does the link work?

Is it possible to block IPs from accessing a particular folder in Windows 2012 only? Tks
0
 
LVL 61

Expert Comment

by:btan
ID: 40381662
The Windows Firewall in the first link should be alright for the file server.

For the folder restriction, it is best to go via the Windows security model, which restricts access per-user, not per-IP (http://windows.microsoft.com/en-us/windows-vista/share-files-and-folders-over-the-network-from-windows-vista-inside-out).

E.g. both Windows Sharing and Windows File Security have options to Allow and Deny access to files and/or folders based on user names and/or computer names and/or Active Directory security groups. So the best is to set the share/file security to allow a user group or even "Everyone", but deny a list of computers. Overall, accomplish this with an AD security group created with all the computers you want to deny. Assign that AD security group to the resource access.
0
 

Author Comment

by:AXISHK
ID: 40383810
Tried to block a computer from shared folder access, but it doesn't work. It only works for user names. Any alternative solution?

Tks
0

Author Comment

by:AXISHK
ID: 40383892
Already tried to block the IP 10.0.20.10 from accessing the server in the firewall settings, but it doesn't work. Any idea?
WindowFS.png
0
 
LVL 61

Expert Comment

by:btan
ID: 40384686
You cannot block access to a shared folder based on computer IP using Windows ACLs, as mentioned in the previous post; they bind to user identity. But it seems viable for NFS: http://technet.microsoft.com/en-us/library/cc753731.aspx

NFS-based access control for a shared resource is determined based on network names and groups. To use NFS permissions, you must first install the Services for Network File System (NFS) role service using Server Manager. After installing Services for NFS, use NFSAdmin.exe to create client groups and to add client computers to those groups before configuring NFS share permissions.

New shared resources. In the Provision a Shared Folder Wizard, if you select NFS as a share protocol, the NFS Permissions page is available in the wizard. You specify whether access is to be controlled by a specific client computer (host), or by a client group.


For the FW, sharing a folder or file creates a Windows Firewall exception for File and Printer Sharing. The exception opens the ports listed. http://technet.microsoft.com/en-us/library/cc731402.aspx

The following ports are associated with file sharing and server message block (SMB) communications:
Microsoft file sharing SMB: User Datagram Protocol (UDP) ports from 135 through 139 and Transmission Control Protocol (TCP) ports from 135 through 139.
Direct-hosted SMB traffic without a network basic input/output system (NetBIOS): port 445 (TCP and UDP).
 
947709 How to use the "netsh advfirewall firewall" context instead of the "netsh firewall" context to control Windows Firewall behavior in Windows Server 2008 and in Windows Vista
http://support.microsoft.com/default.aspx?scid=kb;EN-US;947709
0
 

Author Comment

by:AXISHK
ID: 40385777
Still can't fix the problem on the firewall. Anything missing?
Block01.png
Block02.png
0
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
ID: 40385789
See if this helps - enable/disable file share and UDP:
http://support.adminarsenal.com/entries/21531976-Windows-Firewall-Ports-and-Exceptions

The rules to block to prevent file and print services are:
NetBIOS Datagram Service    Block    All programs    UDP 138
NetBIOS Name Service        Block    All programs    UDP 137
NetBIOS Session Service     Block    All programs    TCP 139
SMB over TCP                Block    All programs    TCP 445
0
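
The four port rules from the accepted solution, scoped to the single client address given in the question (10.0.20.10) so that other clients keep their file-share access, as an added PowerShell example that is not part of the original thread. The rule group name is a hypothetical label; the cmdlets come from the NetSecurity module that ships with Windows Server 2012 and must be run from an elevated prompt.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell session on the file server.
$BlockedIp = '10.0.20.10'              # client address taken from the question
$RuleGroup = 'Block-FileShare-Client'  # hypothetical group label, used to find/remove the rules later

# Port/protocol pairs listed in the accepted solution.
$rules = @(
    @{ Name = 'NetBIOS Datagram Service'; Protocol = 'UDP'; Port = 138 },
    @{ Name = 'NetBIOS Name Service';     Protocol = 'UDP'; Port = 137 },
    @{ Name = 'NetBIOS Session Service';  Protocol = 'TCP'; Port = 139 },
    @{ Name = 'SMB over TCP';             Protocol = 'TCP'; Port = 445 }
)

foreach ($r in $rules) {
    # Inbound block rule limited to one remote address; applies to every profile.
    New-NetFirewallRule -DisplayName "Block $($r.Name) from $BlockedIp" `
        -Group $RuleGroup -Direction Inbound -Action Block `
        -Protocol $r.Protocol -LocalPort $r.Port `
        -RemoteAddress $BlockedIp -Profile Any | Out-Null
}

# Check 1: a rule has no effect if the firewall is switched off for a profile.
Get-NetFirewallProfile | Select-Object Name, Enabled

# Check 2: list what was actually created (direction, action, port, remote address).
Get-NetFirewallRule -Group $RuleGroup | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $_.DisplayName
        Enabled       = $_.Enabled
        Direction     = $_.Direction
        Action        = $_.Action
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort
        RemoteAddress = $addr.RemoteAddress
    }
} | Format-Table -AutoSize

# Roll back: Remove-NetFirewallRule -Group $RuleGroup
```

A block rule takes precedence over the File and Printer Sharing allow rules, so the existing exception does not need to be edited.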
