Re: Deny Specific Incomming IP to Webserver
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 6 Dec 2005 19:59:32 -0600
Many of the consumer-type devices do not allow you to create individual
rules for inbound exceptions as they generally allow you to port forward
only. I use a Netscreen 5XP here at home that can filter inbound
connections. I see them on eBay [see link below] for as little as $69 used
for a unit that allows 10 outbound connections [unique IP addresses]. ---
Steve
http://cgi.ebay.com/NetScreen-5XP-NS-5XP-001-Updated-Firmware-5-0_W0QQitemZ5837680629QQcategoryZ64020QQrdZ1QQcmdZViewItem
"Yogi_Bear_79" <nospam@xxxxxxxxxxx> wrote in message
news:ddCdnVH4_-YT3QvenZ2dnUVZ_vudnZ2d@xxxxxxxxxxxxxx
> Steve,
>
> While I am reading the page you sent me, I wanted to let you know that
> my SOHO is a Linksys BEFCMU10. It appears the FIREWALL portion is
> only for outbound. Seems odd that it wouldn't filter inbound.
>
>
>
> "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:WpSdnUt1s9kfqgvenZ2dnUVZ_sqdnZ2d@xxxxxxxxxxxxxx
>> Ipsec should work if configured correctly and will block the IP at the
>> network layer before the application ever sees it. The link below may
>> help with ipsec filtering policy configuration. Your SOHO router may or
>> may not be able to do what you want depending on its capabilities.
>> "Real" firewalls would allow you to add a firewall rule that blocks
>> access from a specific IP and the ordering of firewall rules is important
>> to make sure the more specific rules are processed before the general
>> rules. Ipsec rules are not dependant on the order they are listed but
>> instead are assigned a weight with more specific rules taking precedence
>> over general rules. Let me know if you still have problems with
>> ipsec. --- Steve
>>
>> http://www.securityfocus.com/infocus/1559
>>
>> "Yogi_Bear_79" <nospam@xxxxxxxxxxx> wrote in message
>> news:lKmdnescWvm_rQveRVn-rw@xxxxxxxxxxxxxx
>>>I would like to be able to deny specific IPs from ever hitting my Apache
>>>web server. I can Deny them via the httpd.conf file, but that only stops
>>>them from getting my pages, they still know the server exists.
>>>
>>> I tried via the IP Security Policies in MMC but my test computer still
>>> showed up in the Apache log. Since I have port 80 forwarded through my
>>> SOHO router to my WebServer, is it possible to actually deny a specific
>>> IP from seeing the open port?
>>>
>>> Any suggestions of a non overly intrusive software firewall, or a built
>>> in ACL, or filter would be greatly appreciated.
>>>
>>
>>
>
>
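The difference between ordered firewall rules and weighted IPsec filters described in the thread, as an added example that is not part of the original posts. The `Rule` class, the specificity score, the default action and the sample addresses are assumptions for illustration; this is a simplified model, not the actual Windows IPsec weighting algorithm.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    src: str              # source network in CIDR form
    dport: Optional[int]  # None means any destination port
    action: str           # "permit" or "block"

    def matches(self, src_ip, dport):
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return in_net and self.dport in (None, dport)

    def weight(self):
        # Simplified specificity score (assumption, not the Windows algorithm):
        # longer source prefix wins, then a named port beats "any port".
        return (ipaddress.ip_network(self.src).prefixlen, self.dport is not None)

def first_match(rules, src_ip, dport, default="block"):
    """Ordered firewall: the first matching rule in list order decides."""
    for rule in rules:
        if rule.matches(src_ip, dport):
            return rule.action
    return default  # assumed default action for this sketch

def most_specific(rules, src_ip, dport, default="block"):
    """Weighted filters: the most specific matching rule decides, whatever the order."""
    hits = [r for r in rules if r.matches(src_ip, dport)]
    return max(hits, key=Rule.weight).action if hits else default

# Constructed rule set: the general "permit web" rule is listed BEFORE the
# specific block. 203.0.113.45 is a documentation address standing in for
# the client that should be denied.
RULES = [
    Rule("0.0.0.0/0", 80, "permit"),
    Rule("203.0.113.45/32", 80, "block"),
]

if __name__ == "__main__":
    for ip in ("203.0.113.45", "198.51.100.7"):
        print(ip, "ordered:", first_match(RULES, ip, 80),
              "| weighted:", most_specific(RULES, ip, 80))
```

With the rules in this order, the ordered model lets the unwanted address through because the general permit matches first, while the weighted model blocks it; reversing the list fixes the ordered model and leaves the weighted result unchanged.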