Scan for Allowed Denied IP address

I need a tool to scan for allowed/denied IP address by a win 2000 server.

All tools available scan for ports & range of ips but none scan allowed/denied ip address on a singe Win 2000 Server.

I someone finds/makes one please dont forget to send a cc email on pgrequest@yahoo.com

BillyG assumes that for running a efficient Win 2000 System you need a PC as Print server, one as authentication server, one as file server, many terminal servers, one mail server, one web server, backup domain controllers, member servers.....%^&@ where do I get these PCs from...to run an efficient win 2000 System. Better I would install a linux/unix server which runs all of them efficiently on a single PC !!

Windows : "Where do you want to go today..."
Linux : "Where do you want to go tommorow..." :) hehehe
Microsoft was pissed royally.

Dont forget to send a mail on pgrequest@yahoo.com if you find something on scanning for allowed/denied IP address.

Bye.

I have a tool that I use that shows every single connection going to the server (local machine) with reverse DNS lookup and logging function. You can change the update times from 0 seconds to 5 seconds. It's interesting to watch because I know how many AOL or MSN people are surfing my box and which port (web, mail, ftp).

You can also have Win2k log all of these in the event viewer. It's rather messy to go looking through them that way, but it's an alternative if you choose.

You seem a little confused pps111, what do you think a system is, why would you need "many terminal servers" Am i answering your question? did you ask a question? Now i'm confused...

To clear confusions Windows 2000 System means
"Where Windows 2000/NT Servers are sole authority for authentication & authorizatoin for users, resources & computers on a Network or a sub network." It does not inculde client side systems plz note that buddy.

And more terminal servers are needed: because other computers that access a terminal server use the resources of that server including CPU, memory...everything. The client acts as a dumb terminal only with a kb & monitor. So starting few graphics demanding application on a terminal server will make it bow down on knees and scum. So even a 1Ghz with 5 users connect on Win2000 Terminal server will make it 200MHz for each user...it is wher linux & unix shine out distinctively. So more manchines are needed to distribute the load.

Active Directory is like a big mess up !! You have to set up group policies & all that stuff is a bloody hell and maintaining is worse.

To clear confusions Windows 2000 System means
"Where Windows 2000/NT Servers are sole authority for authentication & authorizatoin for users, resources & computers on a Network or a sub network." It does not inculde client side systems plz note that buddy.

Is that a fact,well, in a word, no. A system is a collection of components organized for a common purpose - its quite an ambiguous term but IT DOES include client side machines, plz note that buddy


And more terminal servers are needed: because other computers that access a terminal server use the resources of that server including CPU, memory...everything. The client acts as a dumb terminal only with a kb & monitor. So starting few graphics demanding application on a terminal server will make it bow down on knees and scum. So even a 1Ghz with 5 users connect on Win2000 Terminal server will make it 200MHz for each user...it is wher linux & unix shine out distinctively. So more manchines are needed to distribute the load.

Pretty contradictory little statement, as far as i could tell, your point is: more terminals need more resources, so adding even more terminals should distribute the load. As an admin of citrix metaframe server i'll just say this - wrong, wrong , wrong.


Active Directory is like a big mess up !! You have to set up group policies & all that stuff is a bloody hell and maintaining is worse.

Active directory's alright, try hosting multiple domains without it, any problems you are experiencing probably lie somewhere between the keyboard and the chair.

TO BE CLEAR....

------------------------------------------------------------------------------
To clear confusions Windows 2000 System means
"Where Windows 2000/NT Servers are sole authority for authentication & authorizatoin for users, resources & computers on a Network or a sub network." It does not inculde client side systems plz note that buddy.

Is that a fact,well, in a word, no. A system is a collection of components organized for a common purpose - its quite an ambiguous term but IT DOES include client side machines, plz note that buddy
-----------------------------------------------------------------------------

Did you notice that tiny little word in the first line "A Windows 2000 System" !!!! Mixed/Native Mode also mention that you should have a Windows Server...




PART II :
-------------------------------------------------------------------

And more terminal servers are needed: because other computers that access a terminal server use the resources of that server including CPU, memory...everything. The client acts as a dumb terminal only with a kb & monitor. So starting few graphics demanding application on a terminal server will make it bow down on knees and scum. So even a 1Ghz with 5 users connect on Win2000 Terminal server will make it 200MHz for each user...it is wher linux & unix shine out distinctively. So more manchines are needed to distribute the load.

Pretty contradictory little statement, as far as i could tell, your point is: more terminals need more resources, so adding even more terminals should distribute the load. As an admin of citrix metaframe server i'll just say this - wrong, wrong , wrong.
-------------------------------------------------------------------------

OK YOU ARE CONFUSED OVER TERMINALS AND TERMINAL SERVERS !!! I SAID ADDING MORE TERMINAL SERVERS NOT TERMINALS......YOU ARE INTEREXCHANGING TERMINALS & TERMINAL SERVERS...FOR GOD SAKE DONT DO THAT :((



PART III :
---------------------------------------------------------------------
Active Directory is like a big mess up !! You have to set up group policies & all that stuff is a bloody hell and maintaining is worse.

Active directory's alright, try hosting multiple domains without it, any problems you are experiencing probably lie somewhere between the keyboard and the chair.
---------------------------------------------------------------------
AS FOR A LITTLE ADVICE : TRY HOSTING A LIVE MULTIPLE DOMAINS WITH ALL STUFF YOU EXPECT....YOU WILL THROW OUT THAT "Windows 2000 Server" BOX PACK....ACTIVE DIRECTORY ONLY SOUNDS GOOD.

Note : Are you trying to pick up on me ??? I am sort of getting the feeling that why am I feeling subsidised....HELP ME !!!! I AM CONFUSED !!!! I AM SCARED !!! SOME BODY PLEASE HELP ME !!!!! HELP !!! HELP !!!! :))

I'm not trying to pick on you, and i did make a mistake not reading the "terminal servers" - for that i apologise.

A "windows 2000 system" can also be a terminal server client - in fact, in most situations, its preferable if they are, as you don't have to pay for a terminal services client access license.

You shouldn't take my replies as me picking on you, initially i was trying to understand what you were saying, which is still a little unclear - what about this "scan for allowed, denied ip addresses" - allowed to do what? When you say "mixed/native mode also mention that you have a windows server" what do you mean? and "AS FOR A LITTLE ADVICE : TRY HOSTING A LIVE MULTIPLE DOMAINS WITH ALL STUFF YOU EXPECT....YOU WILL THROW OUT THAT "Windows 2000 Server" BOX PACK" what stuff do you expect? do you know what active directory does?

Please try to answer my questions - i'm not here to argue, and i'm genuinely interested in where this is going.
Pete

And I thought he wanted a tool to watch connections incoming/outgoing from the server. What was I thinking :hippy:

Hi...Ok....Nothing much
------------------------------------------------------------
A "windows 2000 system" can also be a terminal server client - in fact, in most situations, its preferable if they are, as you don't have to pay for a terminal services client access license.
------------------------------------------------------------
Reply: There is a Windows 2000 Terminal server at one end hosting applications. Then there is terminal server lisences needed to access the server which are obtained by clients...called terminal server clients !! Get it. Micro$oft !!! To start lisencising you have to pay Microsoft - they give you a code to start the "terminal server lisencing service".


--------------------------------------------------------------
When you say "mixed/native mode also mention that you have a windows server" what do you mean
--------------------------------------------------------------
Reply : Mixed mode means there is combination of Windows 2000 Server & Windows NT 4 Server on the network...all that trust replationships, authentication...for 2000 have to be work along with NT 4 ((|)) Native mode means there are solely Windows 2000 Server on the network as domain controllers. PLEASE REMMEMBER IT IS INDEPENDENT OF THE CLIENTS : Win 9x, Win NT Workstations, Macs.... :)


-------------------------------------------------------------
do you know what active directory does?
-------------------------------------------------------------
Reply : It is no physical file on a particular machine which you can see but it controlles everything in a domain...user, computers, security, replication, fault tolerance....everthing that you can imagine that happens in domain - Like GOD (he cannot be seen but his presence can be felt and controls every aspect of your life). As for multiple domains it provides fault tolerance by replicating the avtive directory in every domain. So everything you publish in AD gets replicated eg : DNS, DHCP...If one of the domain controllers goes down others can be used....pretty good. BUT DO YOU THINK MICOSOFT CAN HANDLE ALL THIS EFFECIENTLY FROM PAST EXPERIENCES...WE ALL KNOW THE GOOD OLD BABY :) ;) Managing all these requires human resources and that is $$$$.

*********************X*******************

NOW FOR WHAT I WANT :

I WANT TO SCAN A REOMTE SERVER TO SEE WHICH IP ADDRESS HAS BEEN BLOCKED OR ALLOWED. YOU CAN SET THAT ALLOW/DENY IP ADDRESS SETTING...remmember ?? SAY THERE IS A SERVER 180.0.0.1 IN THE VOID AND IT HAS ONLY ALLOWED AN INTERNAL IP OF 180.0.3.45 REST ALL ARE BLOCKED....HOW DO I SCAN IT FOR IT SINCE FOR DENIED IPS IT DOES NOT GIVE ME ACCESS/ERROR PAGE. AND IF AM FROM 180.0.3.45 IT GIVES ME A LOGIN SCREEN OF SOMETHING ELSE.....HOW DO I SCAN FOR THAT DAMM PARTICULAR IP....ANY ONE CAN HELP ME HERE !!!! i cannot sit and change 1000+ ip address to see which is the right one !!! i need a tool !!!

Bye. Hope to get some postive reply from all you guys out there.

Firstly, quit writing in caps, its bad enough you can't string a decent sentance together without doing it in upper case.

You're quite an annoying person, i don't need you to tell me the ins and outs of the microsoft terminal services licensing, i'm an admin of numerous citrix metaframe servers, i never asked you anything, you asked a very vague question with a lot of questionable opinions and thoughts thrown in to boot, i asked for clarification and attempted to put you right in some of your crazier ideas, and you reply WITH A LOT OF MANIC BABBLING THAT NOT MAKE NO SENSE OF ANYHOWS (need i say,sic)

As for your ridiculous question, have a look

here

Quote:

---

Originally posted by pps111
NOW FOR WHAT I WANT :

I WANT TO SCAN A REOMTE SERVER TO SEE WHICH IP ADDRESS HAS BEEN BLOCKED OR ALLOWED. YOU CAN SET THAT ALLOW/DENY IP ADDRESS SETTING...remmember ?? SAY THERE IS A SERVER 180.0.0.1 IN THE VOID AND IT HAS ONLY ALLOWED AN INTERNAL IP OF 180.0.3.45 REST ALL ARE BLOCKED....HOW DO I SCAN IT FOR IT SINCE FOR DENIED IPS IT DOES NOT GIVE ME ACCESS/ERROR PAGE. AND IF AM FROM 180.0.3.45 IT GIVES ME A LOGIN SCREEN OF SOMETHING ELSE.....HOW DO I SCAN FOR THAT DAMM PARTICULAR IP....ANY ONE CAN HELP ME HERE !!!! i cannot sit and change 1000+ ip address to see which is the right one !!! i need a tool !!!

Bye. Hope to get some postive reply from all you guys out there.

---

Let me get this straight. You have a machine that is setup to only allow connections from only one IP address. Without knowing what IP address it will accept connections from, you want a tool that will go to this machine and find out which IP address this machine will accept connections from without changing your IP to the thousands of possible IPs manually to find out.

If this is what you mean, then I will continue on..... :D

Nice link petemcevoy. I'll remember not to follow any of your future links.

pps111, I wish I could help you, but it looks like knightmb might be able to.

Hey man, sorry to do that to you, it was never my intention to piss people off - i lost the rag with this guy - sorry!

I don't want to mislead any people here on a quest for knowledge - you've came to the right place- there's a lot of people here that know thier ****, just think b4 u post

---------------------------------------------------------------------------------
knightmb :

Let me get this straight. You have a machine that is setup to only allow connections from only one IP address. Without knowing what IP address it will accept connections from, you want a tool that will go to this machine and find out which IP address this machine will accept connections from without changing your IP to the thousands of possible IPs manually to find out.

If this is what you mean, then I will continue on.....
-------------------------------------------------------------------------------



Yes. Thank You :)



PS : Sorry fellows for all that gabbling.