[TUT] Ban an IP permanent

[Magenik]

Ok i go teach you guy how ban an IP permanent with Windows server 2003
I don't test on XP if have same function
Hope this will help many Hoster of server
we always got problem with hacker and lamer
what you can do is block their ip if you don't have a firewall setup in ur server
Hope all will understand this tut because it's very important follow all or you can block all access
What you need is jsut follow picture

First Part : Allow IP

Step 1 :

Step 2 :
Local security setting open clic on IP security Policies On local computer
See pic let it like mine or you will dc all IP if you put On now
jut keep Offline for sure all will good
then double clic on the first one or right clic on it and properties
new windows appear and first disable the Use add Wizzard we don't use it in this

Step 3 :
Clic on (1) "add" you will get New rules Properties windows with IP filter lists
What we go do in oder now is :
1 : Make rules for allow all IP for connect to server
2 : make new rules for block IP
For 1:
Clic on (2) "add" don't forget disable the wizzard
here Type the name of this rules then clic add (3)

Step 4 :
Filter properties
keep like on the picture My IP for source and any ip for destination
go in protocol let Any enable
go in description and write " Allow all IP" or what you want or you know what this rules mean
when done clic "OK"
IP filter List clic "OK"

Step 5 :
When this done you will have see allow all IP (the one we just setup) enable it
and clic on Filter action Clic Add for new Action of this rules

Step 6 :
Here is the action of the rules later we will add Block action
For this "allow all IP" (Rules 1) we clic "permit" and put a description in general for u know what this rules mean later when you search it then apply this action then Ok

when all of this is setup
we did the First Rules "Allow all IP"

When all done we have this in the global rules where we will enable or disable rules when need

First Rules " Allow All ip" Is create remember i said don't start the "on" on the top
If you did all good now u can start all ip is allowed so u can be sure no dc you
clic on " Assign this policy " the on/off

Second Part : Block IP

Now the best part we waiting for ^^ how ban an IP or a block IP
all we need do is same method
Step 1
Step 2
Step 3 we will add Block IP rules now just follow the picture below

Now is important we need our first ip to put in rules empty rules wont work
so our Hacker is "192.168.1.200"
so we want block all port to him for he can't access to any port of our server
we have 2 way "specific ip adress" block one IP
or Specific IP subnet : block Range IP
so we add for start "specific ip adress" block one IP his IP "192.168.1.200"
In protocol we let Any (will block him for all)
description put what you want like "Hacker you got owned" it's jut for u remember who you ban
then u can found him later and unban if need

For subnet how it's work?
example you want ban a range ip "192.168.0.0" to "192.168.255.255"
don't do everything u can regret ban range IP can ban all ur player if you do something wrong
what you need is how work the subnet so i wont explain it a lot i just give info try understand

Netmask              Netmask (binary)                 CIDR     Notes
255.255.255.255  11111111.11111111.11111111.11111111  /32  Host (single addr)
255.255.255.254  11111111.11111111.11111111.11111110  /31  Unuseable
255.255.255.252  11111111.11111111.11111111.11111100  /30    2  useable
255.255.255.248  11111111.11111111.11111111.11111000  /29    6  useable
255.255.255.240  11111111.11111111.11111111.11110000  /28   14  useable
255.255.255.224  11111111.11111111.11111111.11100000  /27   30  useable
255.255.255.192  11111111.11111111.11111111.11000000  /26   62  useable
255.255.255.128  11111111.11111111.11111111.10000000  /25  126  useable
255.255.255.0    11111111.11111111.11111111.00000000  /24 "Class C" 254 useable

255.255.254.0    11111111.11111111.11111110.00000000  /23    2  Class C's
255.255.252.0    11111111.11111111.11111100.00000000  /22    4  Class C's
255.255.248.0    11111111.11111111.11111000.00000000  /21    8  Class C's
255.255.240.0    11111111.11111111.11110000.00000000  /20   16  Class C's
255.255.224.0    11111111.11111111.11100000.00000000  /19   32  Class C's
255.255.192.0    11111111.11111111.11000000.00000000  /18   64  Class C's
255.255.128.0    11111111.11111111.10000000.00000000  /17  128  Class C's
255.255.0.0      11111111.11111111.00000000.00000000  /16  "Class B"
    
255.254.0.0      11111111.11111110.00000000.00000000  /15    2  Class B's
255.252.0.0      11111111.11111100.00000000.00000000  /14    4  Class B's
255.248.0.0      11111111.11111000.00000000.00000000  /13    8  Class B's
255.240.0.0      11111111.11110000.00000000.00000000  /12   16  Class B's
255.224.0.0      11111111.11100000.00000000.00000000  /11   32  Class B's
255.192.0.0      11111111.11000000.00000000.00000000  /10   64  Class B's
255.128.0.0      11111111.10000000.00000000.00000000  /9   128  Class B's
255.0.0.0        11111111.00000000.00000000.00000000  /8   "Class A"
 
254.0.0.0        11111110.00000000.00000000.00000000  /7
252.0.0.0        11111100.00000000.00000000.00000000  /6
248.0.0.0        11111000.00000000.00000000.00000000  /5
240.0.0.0        11110000.00000000.00000000.00000000  /4
224.0.0.0        11100000.00000000.00000000.00000000  /3
192.0.0.0        11000000.00000000.00000000.00000000  /2
128.0.0.0        10000000.00000000.00000000.00000000  /1
0.0.0.0          00000000.00000000.00000000.00000000  /0   IP space

for our example we want block range "192.168.0.0" to "192.168.255.255"
what we need put in the IP adress subnet is
192.168.0.0
255.255.0.0

all ip in thsi range will be blocked hehe enjoy ^^ now u can block BR IP hehe
Good for pristontale server where almost 98% hacker is BR

 

[Zaraki Kenpachi]

nice guide but phase 3 and 4 images don"t work

 

[Magenik]

So post limited in image lol
here the next :

ok nvm next step
Now we just put on IP (the one we want ban)
Active Block and in dscription write "Block IP"

When all Done jsut active the option and you get this guy banned for ur server

Also if u run a firewall after that = more secure

Now you know how ban someone so fast and easy
when thsi first setup is done will easier add IP in list just clic edit of all option and you will see how add

It's the same Method for windows fireall when you add a rules you have Change scope you can allow for exmaple FTP programm just you IP to connect to FTP

 

[Zaraki Kenpachi]

just post the links or u can upload ur images on photobucket.. and allow ppl to have acces to ur photo album

 

[SiK]

Another much more simple method would be to use a server grade firewall such as Black Ice where you can set expirations on IP blocks and such.

 

[Magenik]

Another much more simple method would be to use a server grade firewall such as Black Ice where you can set expirations on IP blocks and such.

Firewall is good but you need know Fireawall can be flood and lock you
i just teach a basic method for ppl who don't have firewall

 

[iNeverDownAway]

gj

 

[Dragon124]

Re: [Guide] Ban an IP permanent

Uhm i got a question. There you have put a LAN IP which like 192.168.1.200 , well i think that i can see only the global ip of my hacker and mostly that changes . How can i ban a Global Ip . Sorry , but i didnt get it at all if you want PM or post here

 

[uknowme]

Re: [Guide] Ban an IP permanent

You must be registered to see links

lol