Blocking IP addresses (Full Version)

All Forums >> [ISA Server 2000 General] >> General



Message


AnotherGeek -> Blocking IP addresses (25.Dec.2004 1:31:00 AM)

I'm using ISA 2004, and I would like to be able to block those who port scan my network from being able to access anything on my network at all, including the webserver.
Can I write a rule to include IP addresses of those who are scanning me?




habanagold -> RE: Blocking IP addresses (2.May2005 5:15:00 PM)

Did you ever get an answer? I would like to know if ISA Server (specifically 2000) can block an external IP address that starts a port scan.




tderenthal -> RE: Blocking IP addresses (22.Aug.2006 12:56:33 AM)

I too would like to know how this is done. Any answers? Doses anybody ever get any answers from posts on this site?




releaser -> RE: Blocking IP addresses (29.Aug.2006 12:43:37 AM)

As far as the ISA server automatically setting up a rule that blocks an external IP from all access as soon as the foreign IP starts a port scan, I don't know.

If you want to completely block out a specific IP, then yes, you can do that. I've done it a few times.
Go to  your Packet Filters section under Access Policy and create a new Custom rule than blocks all traffic (IP Protocol: Any;Direction:Inbound) on the external ISA servers NIC (Default IP Address for each external interface...) for the Remote Computer (By IP Address) you which to apply the filter to.

I've never actually tested to see how effective this is.

HTH,
Jim




bennyc@hafaguam.com -> RE: Blocking IP addresses (13.Jul.2010 8:22:39 AM)

where / how can you do this in ISA 2006?




Page: [1]