The banning of IP address ranges using Windows.

**wurzul** · September 1st, 2003, 10:48 PM

Quick question:

How do I ban all traffic from a specific IP address using Windows XP? I am able to do this from within Linux using the /etc/hosts.deny functionality. I am not really a Windows user but would like to stop users of my box from visiting certain web sites.

Any comments welcome.

Thanks in advance.

***keezel*** · September 1st, 2003, 11:12 PM

A firewall maybe? Use outpost or something and configure it manually to block certain addresses. I've never actually had this problem.....hope this helps you though.

**SirSub** · September 1st, 2003, 11:29 PM

Blackice also has the option to block IPs

**wurzul** · September 1st, 2003, 11:35 PM

I could install a firewall and configure it to bounce packets based upon the source address but surely the OS has the ability to do this transparently without the need for further software.

***sumdumguy*** · September 2nd, 2003, 12:23 AM

XP has a hosts file as well.. which you can use just like in *nix

c:\windows\system32\drivers\etc\hosts

http://www.accs-net.com/hosts/how_to_use_hosts.html

***Maestr0*** · September 2nd, 2003, 06:38 AM

You should be able to do this fine from Control Panel>Administrative Tools>Local Security Settings and then select IP security policies, then Action>Manage IP filter lists and filter actions>Manage Filter Actions. There are some wizards and stuff that should help you out. This is in Win2000 but AFAIK its the same(or very close) in XP.

-Maestr0

***slarty*** · September 2nd, 2003, 12:45 PM

Originally posted here by wurzul
[B]Quick question:

How do I ban all traffic from a specific IP address using Windows XP?

Can windows XP's firewall not do this? If it can't then it isn't very good.

I am able to do this from within Linux using the /etc/hosts.deny functionality.

No, that is not what hosts.deny does.

Hosts.deny only bans connections to some services (mostly old stuff like telnet and ftp)

Any application which doesn't read hosts.deny will not be affected.

Seeing as such things as web browsers don't take any notice of hosts.deny, they will still be able to receive traffic from banned hosts in that file.

Sumdumguy wrote:

XP has a hosts file as well.. which you can use just like in *nix...

Yes, but that's not what the OP was talking about. hosts.deny is totally unrelated to hosts.

Slarty

**Networker** · September 2nd, 2003, 01:34 PM

I'm not a big fan of winblows but the embedded "firewall" function of XP (previous Maestr0 post described how to conf it) can do just what you're expecting to:
Be a dumb stateless filter just like a Cisco ACL....

N.B. But maybe I'm wrong, & I'll be interesting for a personal AO feedback on XP "firewall" function where it is less efficient than an ACL.

***mohaughn*** · September 2nd, 2003, 07:49 PM

As maestro stated, using IP sec policies is the easiest way to block IPs.

***nebulus200*** · September 2nd, 2003, 07:58 PM

Another easy way to block the IP:

route -p add <offending_ip> 10.255.255.254

(make sure the IP is non-existant on your network).

No firewall needed. I wouldn't recommend doing it too often though.

/nebulus

Thread: The banning of IP address ranges using Windows.

Thread Tools

Display

The banning of IP address ranges using Windows.

Re: The banning of IP address ranges using Windows.

Posting Permissions