Re: How to block an IP range on w W2K server?

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 02/26/05 

Date: Fri, 25 Feb 2005 22:41:15 -0600

An ipsec filter policy with a block action for a particular IP, range of IP
addresses, or subnet should work. Make sure you have the source and
destination right. The source IP would be their IP address, protcol would be
any, and source port would be any [which would be indicated by zero]
Unfortunately ipsec in W2K does not do any logging to see what exactly is
happening. Possibly you do not have the right range of IP addresses blocked.
A better solution would be to use a firewall device that can do extensive
logging and create rules for it to block specific IP addresses. --- Steve

"Louis schreyer" <spam1@aquarix.de> wrote in message
news:cvmquv$fep$05$1@news.t-online.com...
> Hello,
>
> just another question: On our W2K server is a mailserver installed, some
> nice people from china try to break in to this mailserver since a lot of
> weeks. (HLTT communications owns the network the access is coming from, a
> well known spam hoster)
>
> I would like to block all access from the IP range of HLTT to my
> webserver, is that possible? I tried to make a rule to ipsec, but it still
> lets them access the webserver. I made rules from the IP adress from HLTT
> to my IP adress, any port with filter action BLOCK.
>
> How can I block them ?
>
> Louis
>