How to ban single ip?

ih82bl84f1

Good very hello!

I am looking for preferably a freeware app where all I have to do is enter an ip address to stop it from connecting to my computer that will maintain a list.

I currently run Vista home premium in DMZ on router and have OS firewall disabled. I have many server apps and p2p programs running on it. I do not want to run a firewall. I have tried PeerBlock, BeeThink IP Blocker and NetLimiter but do not need all the services they install and the complexity of unlimited options and configurations.

Is there a command line string I could use perhaps to terminate and block an ip or a more simple approach? Just looking for a straightforward simple approach if possible.
 
what you are looking for is called a firewall. blocking unwanted traffic is what firewalls do...
Posted via [H] Mobile Device
 
why do you not want a firewall?

it is what you need and peerblock is not complex, just choose NOT to install everything.

straightforward, get a decent firewall (pfsense, untangle) and tell it to block X ip, done.
 
Just re-enable Windows Firewall or use a good 3rd party firewall like Comodo and you're all set.
 
What about adding the IP to hosts?

forgot about that, but that would be for outgoing only, it wouldn't stop incoming.

Windows firewall on Win7 has the advance settings, you could do a block rule on the incoming side.
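
As an added example (not part of any post in this thread): the inbound block rule suggested above, scripted with `netsh advfirewall`, which is available on Vista and later. The list file path and rule name are assumptions, and the rule only takes effect while Windows Firewall is enabled.

```powershell
# Added example: keep a plain-text ban list and mirror it into ONE inbound
# Windows Firewall block rule. Run from an elevated PowerShell prompt.
# Assumed names (not from the thread): $ListFile and $RuleName.
param(
    [string]$ListFile = "$env:USERPROFILE\banned-ips.txt",
    [string]$RuleName = "BannedIPs-Inbound"
)

# Read one address per line; ignore blank lines and '#' comments.
$banned = @()
if (Test-Path $ListFile) {
    foreach ($line in Get-Content $ListFile) {
        $entry = $line.Trim()
        if ($entry -eq "" -or $entry.StartsWith("#")) { continue }
        $parsed = $null
        # Validate before handing anything to netsh.
        if ([System.Net.IPAddress]::TryParse($entry, [ref]$parsed)) {
            $banned += $parsed.ToString()
        } else {
            Write-Warning "Skipping invalid address: $entry"
        }
    }
}
$banned = @($banned | Sort-Object -Unique)

# Remove the previous rule so the installed rule always matches the file.
netsh advfirewall firewall delete rule name=$RuleName | Out-Null

if ($banned.Count -eq 0) {
    Write-Output "Ban list is empty; no block rule installed."
    return
}

# remoteip accepts a comma-separated list, so one rule covers every entry.
$remote = $banned -join ","
netsh advfirewall firewall add rule name=$RuleName dir=in action=block remoteip=$remote

# Show what was installed so the result can be checked by eye.
netsh advfirewall firewall show rule name=$RuleName
```

Block rules take precedence over allow rules in Windows Firewall, so the listed addresses are refused on every port while the allow rules for the server applications keep working for everyone else.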
 
What's wrong with you?

If you are trying to download linux iso's you're doing it all wrong.

Put it behind your router with the spi firewall on. Turn on your OS firewall.

Forward ONLY the ports that you need to the box in question. Vista will ask if you want to allow, and you say yes.

As for blocking the IP in question, route the traffic coming from it to a null ip. I am unsure as to what router you are using, but I can set rules based on IP, and I would simply forward it to an IP not on the same subnet and call it a day if you are concerned.

But, since you run your shit with no protection, I am sure that nigerian royalty are up in your shit and you have more than you think going on.
 
Thank you all for both your critical sarcasm and helpful hints ... hehe
I do NOT want to block ports and a firewall will not block specific ip's.. I want my servers open and accessible and would like to block an occasional ip is all. As for the "Nigerian Royalty", my computer is clean with every reboot as it is run virtualized.

The PeerBlock is worthless to me because if I block the IP, it then connects over http ssl and that can be rectified by blocking http but that then shuts down my http fileserver. I am sure some of you might be familiar with hamachi. Once my connections are made to my networks, I then terminate the handshake ip's with hamachi to just maintain an ephemeral connection.

No, I do not understand networking and am not a techie in high regard but I know what I want to be able to do and that is simply, be able to block an IP. I am looking into Xipher's suggestion of "Null routes" as that appears to be the best answer as to what I am trying to accomplish.
 
yes, a firewall can block specific IPs. it's called an Access Control List (ACL).

Just because your servers are virtualized does not mean they are immune to being compromised. there are vulnerabilities in every OS out there. If you have no firewall protection to your host then it is only a matter of time before it catches something...
Posted via [H] Mobile Device
 
Look, I understand you're not a techie, and you don't understand networking. But in this case, with the DMZ and disabling any possible firewall, you're INTENTIONALLY screwing yourself over in every way possible. Frankly, if you're not willing to admit what you're doing is silly, dangerous, and unnecessary, there seems to be no point in giving advice here.
 
You need to learn the basics of networking really, blocking HTTP, would not block your website if you had it properly configured.

you took the easy way out, put your servers wide open with no protection, no offense, but it IS people like you who spread viruses and exploits with their unsecured servers, i don't care if it is in a VM, VM's get viruses because VM's run an OS, just because it is in a VM doesn't magically protect you from viruses and exploits my friend.

I hope the only website you run is some personal blog, because if you actually host websites for money or a business, you should inform them you do not know what it is you're doing and let them know their information is wide open to anyone who wants to take it.
 
I have been running my system open for over 5 years now and last virus I ever caught was before XP sp2. I do not run any commercial software or website. This is a personal computer and I did not ask for anyone's help who didn't want to in regards to my question I posted (entropism). I have certainly heard it all before. Thank you for your concern, but it is not one for me. I only wanted a simple way to block a single IP and not any songs and dances. I have never been compromised losing any personal info and I do not run a bot infested machine. I have disabled many services that run natively on here and the servers I run are mostly little freeware apps like HFS Fileserver and the like. I can see I asked this in the wrong forum as I am not an IT for anyone but my own computers in my house.
 
I can see I asked this in the wrong forum as I am not an IT for anyone but my own computers in my house.
You posted the question in the most appropriate forum. The root problem is that you do not like the answers given nor the supporting reasons (ie: a firewall of some sort for incoming IP blocking). The advice offered here was free; do with it as you choose.
 
I have tried many different firewalls. I am able to block apps and ports VERY successfully with them but have not been able to filter by IP. My router does not have the option either but will allow me to block websites and allows keyword blocking also. The firewall has done me NO good whatsoever in regards to my concern. Windows firewall does not give me the ip filtering option either for everyone that tells me I need to use that to filter them.

I have got very few answers but have been chided more for not having a firewall. That is a senseless answer to me unless someone can recommend one that does ip banning. Then they would have answered my question.

The NullRoute has been the most helpful so far as soon as I learn about them. That was an answer to IP filtering I can bite on so far.
 
What router do you have?

Have you ever thought of replacing it with a 'nix based x86 router? PFsense or smoothwall will allow you to block IP's at the router. All you'd need is an older low power pc with 2 nic cards and the software.
 

I currently run Vista home premium in DMZ on router and have OS firewall disabled.

Wow...I'd say a format and re-install of the OS is one of your first priorities.

Anyone want to take bets, in ranges of 10, as to how many back doors and trojans are on this computer?
 
I have got very few answers but have been chided more for not having a firewall. That is a senseless answer to me unless someone can recommend one that does ip banning. Then they would have answered my question.

The NullRoute has been the most helpful so far as soon as I learn about them. That was an answer to IP filtering I can bite on so far.
You likely missed MrGuvernment's recommendation of Pfsense and Untangle shortly before the "nullroute" post. Take another look.

If what has been presented is not what you're looking for, then provide something constructive from your own evaluations of the suggestions on why they do not fit the need.
 
Everyone else has said it, but I think it needs to be repeated: FIREWALL. If you want with pfSense you can forward EVERY port to one host, but seriously, you DMZ'd a server? WTF?
 
I have never been compromised losing any personal info and I do not run a bot infested machine.

Times vary a little bit but it takes anywhere from 5 seconds to 12 minutes for an unprotected windows machine (such as yours) to be infected when exposed to the internet as you have it. So you probably are and just don't realize it since you have no systems in place to protect you from and inform you of problems.

You haven't said why you want to block individual IP addresses however doing so from a security standpoint is like going to war with China and arming yourself with a toothpick, it's not going to work out in your favor.

From those of us who do this daily we are giving you the right answer- a Firewall is what you want. Since it sounds like you already have one but have just put yourself in the DMZ of it you can probably put your PC back behind your router/firewall then just forward the ports you need open for your various applications. Then they still work and your level of protection jumps up from its current level of zero.

Taking a little time to learn and do it right will save you tons of time & pain down the road.
 
Times vary a little bit but it takes anywhere from 5 seconds to 12 minutes for an unprotected windows machine (such as yours) to be infected when exposed to the internet as you have it. So you probably are and just don't realize it since you have no systems in place to protect you from and inform you of problems.

While I agree with everyone else here that a firewall is what you need, I disagree with the idea that every unprotected windows box is already infected with every disease known to man. With only a few exceptions in the past decade (code red?), a default install of Windows with regular system updates and a knowledgeable user behind the keyboard is "safe enough". Before I switched to MacOS full time, I ran an XP box which, despite having no firewall and no anti-spyware/anti-malware/anti-virus, scanned clean with Trend Micro online every month. On the rare occasion that I did a quick nmap against it, it had no unusual ports open. There were no unusual processes running (at least, via Task Manager.) It carried on for years without a single issue, not the 5 seconds - 12 minutes claimed above.

Maybe I was the odd man out. I know I definitely recommend a tighter security setup for my friends and family. Heck, every time I visit my folks, I'm uninstalling the latest "toolbars" from their machine. But for my personal use, I do not consider an unsecured Windows box to be the end of the world.
 
. With only a few exceptions in the past decade (code red?), a default install of Windows with regular system updates and a knowledgeable user behind the keyboard is "safe enough".

Much much personal/on the job experience (work with computers/networks for a living) can attest to the contrary.

Going back to the early days of broadband, I noticed that computers directly plugged into a modem from the ISP...frequent issues. Computers behind a NAT router...far fewer issues. It got to the point, where when I sat down in front of a computer to do work on it..if I eyeballed the setup and saw it was directly plugged into a pure modem...it was almost guaranteed to be a problem.

How many DCOM and RPC exploit worms have there been over the years? Far more than just a few exceptions.

I'll agree regular system updates certainly help...but let's be realistic...what percentage of those end users really maintain that?
How many "average joe home user" people even change the Administrator password of a Windows machine? I kinda doubt a person who is just using a box as a warez-house does. If the OP didn't...a Winders box on a public IP without a firewall...even an amateur computer curious 10 year old kid could shred that box in 30 seconds from across the internet.

And I've worked on too many Windows servers that were setting right on a public IP without being behind NAT.

Add to this thought process.....most "bots" that get installed into computers are silent runners, you don't know they're there, they don't want you to find them, they want to just silently run and utilize your CPU and connection...low key. And many antivirus programs won't find them.

Interesting article I read last week by a security source, last year...over 25 million new malware variants came out. The year before that...the sum of malware variants was 15 million. So let's ponder for a minute...how long have computers been out, and malware...and see the rise of just last year's stats...now draw that graph...pretty steep curve last year?

Another interesting statistic from that article I read, over 92% of the world's e-mail is now considered SPAM.

Know what helps bump up those statistics? Recently..the big driving force is armies of netbots. Unsecured machines.

A lot of us in IT deal with headaches that are caused (if not at least spread) by........people who are...hmmm..I don't want to use that word that starts with an "ign"..but...people who just don't know.
 
YeOldeStonecat is spot on as usual.

Seriously, from what the OP has written it sounds like they should be looking at port forwarding via their router and then use a firewall like Comodo to specifically block those IP addresses that have been deemed undesirable. Otherwise replace the SOHO router with a box running one of the previously recommended free firewall distributions.
 
I won't type the scathing response that came to mind when reading this, but suffice to say I'm with the [H] on this.

BTW.........sc0tty8..............you're just - not right man....:eek: I know a therapist if you need it.:D
 
I won't type the scathing response that came to mind when reading this, but suffice to say I'm with the [H] on this.

BTW.........sc0tty8..............you're just - not right man....:eek: I know a therapist if you need it.:D

For what? I got my title from Kyle. I actually materbate to pics of your mom:D
 