Wayne Barron
asked on
Blocking outside IP Addresses
Hello All;
OK, as the subject states. We are wanting/needing to block IP addresses.
I do not currently have a professional industry standard hardware firewall at the moment.
So, we are going to rely on Windows Firewall or Other, software based Firewall.
Whichever route that we take.
We will need to have access to the file that the IP Addresses are stored at.
Rather is it through
I am thinking that using the Windows Firewall and Advance Security,
Would be the better of the two to use.
If either one of these are the ones, and I would prefer to stick with either one of these.
(preferably the Window Firewall)
How would I access the file where the IP Addresses are stored at?
Reason:
I am writing a vb.net application that grabs IP Addresses of potential hackers on our mail server.
The script is fully functional already, except for blocking said IP Address from access the system altogether.
Any ideas suggestions, anything.
Thank You
Carrzkiss
OK, as the subject states. We are wanting/needing to block IP addresses.
I do not currently have a professional industry standard hardware firewall at the moment.
So, we are going to rely on Windows Firewall or Other, software based Firewall.
Whichever route that we take.
We will need to have access to the file that the IP Addresses are stored at.
Rather is it through
OR, through
Windows Server
Windows Firewall and Advance Security
Inbound Rules
etc....
IIS - Internet Information Services
ServerName
IIS
IP Address and Domain Restrictions
I am thinking that using the Windows Firewall and Advance Security,
Would be the better of the two to use.
If either one of these are the ones, and I would prefer to stick with either one of these.
(preferably the Window Firewall)
How would I access the file where the IP Addresses are stored at?
Reason:
I am writing a vb.net application that grabs IP Addresses of potential hackers on our mail server.
The script is fully functional already, except for blocking said IP Address from access the system altogether.
Any ideas suggestions, anything.
Thank You
Carrzkiss
Use windows firewall to block the IP instead and for more security you can do it on the IIS side also. thats the best way to achieve your requirement.
ASKER
Sounds great.
Would you know where the file that stores the IP Addresses are located at?
Would you know where the file that stores the IP Addresses are located at?
Well honestly I have no idea where it stores.
It is better to do it at the router than in windows firewall. The log files will be there also for you to view.
Use whatever router you have, rather than at the server itself. But that is under the assumption your router will let you restrict inbound connections by IPs.
But it sounds like you don't have a unit where you can easily access what you need. That said, I would probably do it at Windows Firewall in your case. The file is located at %SystemRoot%\System32\LogF iles\Firew all\Pfirew all.log
However, you might also need to increase the max size of the file itself. Here's an article giving you what you need: https://www.howtogeek.com/ 220204/how -to-track- firewall-a ctivity-wi th-the-win dows-firew all-log/
In the long run though, get a business grade firewall.
But it sounds like you don't have a unit where you can easily access what you need. That said, I would probably do it at Windows Firewall in your case. The file is located at %SystemRoot%\System32\LogF
However, you might also need to increase the max size of the file itself. Here's an article giving you what you need: https://www.howtogeek.com/
In the long run though, get a business grade firewall.
ASKER
Hey, Natty.
As stated in the OP.
I do not have a professional standard Firewall.
So, I can only add IP Blocks to the router, not single IP Addresses.
So, I will have to. For the moment.
Use the Windows FW and IIS FW.
I found this thread on StackOverflow.
Deny access to 50,000 specific IP addresses using Windows Firewall
This one is over at the forums @ Microsoft. (This looks promising)
Add firewall rule programmatically
The script in done in C# so needs to be converted over to VB
I found some more code, but I found out that certain features are not usable in a web app.
That it would have to be a windows app.
So, not to certain that I can do what I wanted to do or not.
Unless I create a dos app that will be executed from the website and add the IP Address in that way.
I am at a loss when it comes to that part.
As stated in the OP.
I do not have a professional standard Firewall.
So, I can only add IP Blocks to the router, not single IP Addresses.
So, I will have to. For the moment.
Use the Windows FW and IIS FW.
I found this thread on StackOverflow.
Deny access to 50,000 specific IP addresses using Windows Firewall
This one is over at the forums @ Microsoft. (This looks promising)
Add firewall rule programmatically
The script in done in C# so needs to be converted over to VB
I found some more code, but I found out that certain features are not usable in a web app.
That it would have to be a windows app.
So, not to certain that I can do what I wanted to do or not.
Unless I create a dos app that will be executed from the website and add the IP Address in that way.
I am at a loss when it comes to that part.
ASKER
@masnrock
I created a rule to block inbound IP Addresses, and I added an IP Address to the rule.
I checked the file, at the location you specified and it is empty.
I do believe that the file that you pointed to, is simply what it shows in the address bar.
A Log File. >> LogFiles\Firewall
As for the "business grade firewall"
I have one, but not certain if it is still working or not.
A Cisco Pix 501 (Had to look back at my old EE Archives to find the # of it)
I have had it for about 13 years, but have not used it in about 10 years.
I created a rule to block inbound IP Addresses, and I added an IP Address to the rule.
I checked the file, at the location you specified and it is empty.
I do believe that the file that you pointed to, is simply what it shows in the address bar.
A Log File. >> LogFiles\Firewall
As for the "business grade firewall"
I have one, but not certain if it is still working or not.
A Cisco Pix 501 (Had to look back at my old EE Archives to find the # of it)
I have had it for about 13 years, but have not used it in about 10 years.
Which would make for a good time to get a new one. Doesn't necessarily have to be a PIX, but something up to date and appropriate.
ASKER
That will come later on, right now. I have to do it this way.
I FOUND IT.
I did a search through the registry for the IP Address I added.
And it is stored here
HKEY_LOCAL_MACHINE\SYSTEM\ ControlSet 001\Servic es\SharedA ccess\Para meters\Fir ewallPolic y\Firewall Rules\
So, what I need to do, is write [Add] to the registry.
This is the way the key looks.
So, what I need to do, is [add] to the registry entry, the IP Addresses from my VB.net website.
Which would have to be added like so:
I FOUND IT.
I did a search through the registry for the IP Address I added.
And it is stored here
HKEY_LOCAL_MACHINE\SYSTEM\
So, what I need to do, is write [Add] to the registry.
This is the way the key looks.
v2.26|Action=Block|Active=TRUE|Dir=I n|RA4=192. 168.2.250| RA4=192.16 8.2.249|Na me=Hack_At tempt|Desc =This rule is to stop all hackers from accessing our system.|
So, what I need to do, is [add] to the registry entry, the IP Addresses from my VB.net website.
Which would have to be added like so:
|RA4=192.168.2.250|RA4=192.168.2.249 |RA4=192.1 68.2.251|R A4=192.168 .2.248|
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
@Giovanni
My router does not allow anything to do with block outside IP Addresses.
I know, I need a better router.
My router does not allow anything to do with block outside IP Addresses.
I know, I need a better router.
Here's an article on working with the registry in VB.net: https://msdn.microsoft.com /en-us/lib rary/85t3c 3hf.aspx
ASKER
@masnrock
All their examples are using the: [HKEY_CURRENT_USER]
I need to access [HKEY_LOCAL_MACHINE] Which needs Administrative Privileges.
Of which, I have given ASP.NET the Privileges for the SubKey, however. Still no go.
Another thread about this very issue is here.
https://www.experts-exchange.com/questions/29017903/vb-net-website-Add-to-existing-Registry-Value.html
All their examples are using the: [HKEY_CURRENT_USER]
I need to access [HKEY_LOCAL_MACHINE] Which needs Administrative Privileges.
Of which, I have given ASP.NET the Privileges for the SubKey, however. Still no go.
Another thread about this very issue is here.
https://www.experts-exchange.com/questions/29017903/vb-net-website-Add-to-existing-Registry-Value.html
ASKER
@Giovanni Heward
Has the right idea.
I am going to have to do it that way.
Script to get the IP Addresses, and use this function to insert into the firewall.
Has the right idea.
I am going to have to do it that way.
Script to get the IP Addresses, and use this function to insert into the firewall.
ASKER
Giovanni, your solution is the best.
Had you stated that it is for "Window Firewall" I would have looked closer at it, and realized it was what I needed to use.
Thank you
I have tested it and it works great.
Wayne
Had you stated that it is for "Window Firewall" I would have looked closer at it, and realized it was what I needed to use.
Thank you
I have tested it and it works great.
Wayne