- Joined
- Sep 7, 2005
- Messages
- 82
- Reaction score
- 4
ADDING SECURITY TO YOUR SERVER (NOT ONLY FOR RAN PRIVATE SERVERS)
I use this method to block IP address on my Windows Server. Applicable to WinXP, Windows Server 2003 Family. (Not sure if same procedure with Vista coz im not using it.)
Not my credit. Its all over the internet. Just sharing it for those who haven't found it yet.
So Here it goes.
CREATING A RULE
1. Click 'Start' > 'Run' >type 'MMC' press ok.
2. In the console click > 'File' > 'Add/Remove Snap in'
3. In the 'Standalone Tab' click The 'add' button
4. Select 'IP Security Policy Managment' > 'ADD' > 'Local Computer' > 'finish' > 'close' > 'ok'
5. You should now be back to the console.
6. In the left frame right click 'IP security policies on local computer' > 'Create IP security policy'
7. Click Next and then name your policy 'Block IP' and type a description.
8. Click 'Next' then leave 'activate' ticked then click 'Next'
9. If you receive a Kerberos Warning just click yes
10. Leave the 'edit properties ticked and click 'Finish'
11. You should now have the properties window open.
12. Click 'ADD' then click 'Next' to continue.
13. Leave 'This rule does not specify a tunnel' selected and click 'next'
14. Leave 'all network connections' selected and click 'next'
15. If you receive a kerberos warning just click YES
16. You should now be on the IP filter list. You need to create a new filter, so dont select any of the default ones. Click 'ADD'
17. Type a Name for your list, call it 'IP block list'
Type a description in, can be same as name.
Click 'ADD' then click 'Next' to continue.
18. In the description box type a description. As its the first IP you are blocking call it 'IP1' or 'IP Range 1'
Leave ticked the 'Mirrored. Match packets with the exact opposite source and destination addresses'
Click 'Next'
19. The 'Source address' should be left as 'My IP address' click 'Next'
20. You can now select 'A Specific IP address' or 'A Specific Subnet' for the Destination address.
Type in the IP address you want to block and if blocking a subnet type in the subnet block. Click 'next'
21. Leave the protocol type as 'Any' and click 'Next' and then 'Finish'
22. To activate the policy that you have created (Block IP), right click the Block IP policy from the console and select Assign. You should see a green light indicator on the icon which means its now active.
You have now blocked your first IP or IP range.
If you dont have MMC installed search google on how to install it.
And one more thing, in PH some areas have clients with same IP address (smartbro users) so be carefull not to block those innocent ones
.
ADDING IP TO BLOCK ON EXISTING RULE
If you want to add more ip address to block list:
1. Just double click on the IP Sec you have created
on the console panel.
2. Double click the IP Filter List you have created for the block
3. On the Edit rule window, 2x click the name of the IP filter
4. Then click the Add button on the right side of the next window.
6. Then add the necessary block ip address. (Same with step 19 to 21 on Creating a Rule)
7. Click OK on every window to save.
Note: Do not forget to save those you added or it won't take effect.
Happy blocking!!
I use this method to block IP address on my Windows Server. Applicable to WinXP, Windows Server 2003 Family. (Not sure if same procedure with Vista coz im not using it.)
Not my credit. Its all over the internet. Just sharing it for those who haven't found it yet.
So Here it goes.
CREATING A RULE
1. Click 'Start' > 'Run' >type 'MMC' press ok.
2. In the console click > 'File' > 'Add/Remove Snap in'
3. In the 'Standalone Tab' click The 'add' button
4. Select 'IP Security Policy Managment' > 'ADD' > 'Local Computer' > 'finish' > 'close' > 'ok'
5. You should now be back to the console.
6. In the left frame right click 'IP security policies on local computer' > 'Create IP security policy'
7. Click Next and then name your policy 'Block IP' and type a description.
8. Click 'Next' then leave 'activate' ticked then click 'Next'
9. If you receive a Kerberos Warning just click yes
10. Leave the 'edit properties ticked and click 'Finish'
11. You should now have the properties window open.
12. Click 'ADD' then click 'Next' to continue.
13. Leave 'This rule does not specify a tunnel' selected and click 'next'
14. Leave 'all network connections' selected and click 'next'
15. If you receive a kerberos warning just click YES
16. You should now be on the IP filter list. You need to create a new filter, so dont select any of the default ones. Click 'ADD'
17. Type a Name for your list, call it 'IP block list'
Type a description in, can be same as name.
Click 'ADD' then click 'Next' to continue.
18. In the description box type a description. As its the first IP you are blocking call it 'IP1' or 'IP Range 1'
Leave ticked the 'Mirrored. Match packets with the exact opposite source and destination addresses'
Click 'Next'
19. The 'Source address' should be left as 'My IP address' click 'Next'
20. You can now select 'A Specific IP address' or 'A Specific Subnet' for the Destination address.
Type in the IP address you want to block and if blocking a subnet type in the subnet block. Click 'next'
21. Leave the protocol type as 'Any' and click 'Next' and then 'Finish'
22. To activate the policy that you have created (Block IP), right click the Block IP policy from the console and select Assign. You should see a green light indicator on the icon which means its now active.
You have now blocked your first IP or IP range.
If you dont have MMC installed search google on how to install it.
And one more thing, in PH some areas have clients with same IP address (smartbro users) so be carefull not to block those innocent ones
.ADDING IP TO BLOCK ON EXISTING RULE
If you want to add more ip address to block list:
1. Just double click on the IP Sec you have created
on the console panel.
2. Double click the IP Filter List you have created for the block
3. On the Edit rule window, 2x click the name of the IP filter
4. Then click the Add button on the right side of the next window.
6. Then add the necessary block ip address. (Same with step 19 to 21 on Creating a Rule)
7. Click OK on every window to save.
Note: Do not forget to save those you added or it won't take effect.
Happy blocking!!
Last edited:
