Deny access to certain IP address

Deny access to certain IP address
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Deny access to certain IP address Craig B 08-30-2005
Posted by =?Utf-8?B?Q3JhaWcgQg==?= on August 30, 2005, 12:11 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
How would you go about denying access to various 2000/2003 servers to one
specfic IP address?

I know how to block at my firewall but a internal user is inside and I need
to block his access to various servers. Permissions won't work at this point
I used DHCP to lock his pc to a certain IP address and now I want to block
this ip address access to various servers.

Thanks

Posted by Matt Gibson on August 30, 2005, 12:17 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
One "simplish" way, is to create bogus entries in his host file (if he
connects by using hostnames).

By setting the server's hostname to a nonsensical IP address, he won't be
able to connect.

For anything more complex, you'd need a host level firewall.

Matt Gibson - GSEC



Posted by Phillip Windell on August 30, 2005, 12:42 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
That is the wrong approach. You should be controlling access based on who
the user is,...not what thier IP# happens to be. what do you mean by
"Permissions won't work at this point"? There is no reason permissions
shouldn't work.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------


> How would you go about denying access to various 2000/2003 servers to one
> specfic IP address?
>
> I know how to block at my firewall but a internal user is inside and I
need
> to block his access to various servers. Permissions won't work at this
point
> I used DHCP to lock his pc to a certain IP address and now I want to block
> this ip address access to various servers.
>
> Thanks



Similar ThreadsPosted
Deny change of email address February 8, 2007, 3:48 pm
How to deny access to some internet sites November 10, 2005, 8:40 am
Deny access to d drive by the guest February 24, 2007, 4:51 pm
Grant access to external IP address November 27, 2007, 4:06 pm
Need to to Trace an IP address from a MAC address November 14, 2005, 8:48 am
Deny interactive login August 30, 2005, 11:20 am
Allow to read the file, but deny rename it ? June 11, 2006, 9:14 am
Deny sending attachment through Internet October 5, 2006, 3:08 pm
desktop - deny writing policy January 7, 2008, 12:06 pm
Can change owner of folder when deny in place February 28, 2006, 5:19 am

The site map in XML format XML site map

Contact Us | Privacy Policy