Tjyylli

What ability score modifier does a javelin's damage use?

Vocabulary for giving just numbers, not a full answer

Is it possible to avoid unpacking when merging Association?

Does the US political system, in principle, allow for a no-party system?

What is Earthy controling in the ISS cupola?

Why restrict private health insurance?

Whose blood did Carol Danver's receive, Mar-vell's or Yon-Rogg's in the movie?

Does an unused member variable take up memory?

Can one live in the U.S. and not use a credit card?

Virginia employer terminated employee and wants signing bonus returned

What do *foreign films* mean for an American?

How do spaceships determine each other's mass in space?

What can I do if someone tampers with my SSH public key?

When a wind turbine does not produce enough electricity how does the power company compensate for the loss?

Why does cron require MTA for logging?

how to modify custom status text color in UI component grid magento 2?

Can we track matter through time by looking at different depths in space?

Why do phishing e-mails use faked e-mail addresses instead of the real one?

What is Tony Stark injecting into himself in Iron Man 3?

Can I negotiate a patent idea for a raise, under French law?

Called into a meeting and told we are being made redundant (laid off) and "not to share outside". Can I tell my partner?

Create chunks from an array

Minimizing with differential evolution

What would be the most expensive material to an intergalactic society?

Blocking incoming connections from IP in windows XP

Ubuntu 9.04, Firestarter complaints even behind the NAT routerHow to block all traffic but one IP in Windows Firewall?Is Iptables blocking outgoing ssh connections?Why Windows Firewall does not block outgoing traffic?How to block all traffic except one in windowsIs it worth to block inbound packets from a security standpoint?Block TCP connection to certain domainBlock all internet traffic except for Chrome using Windows 7 firewallReceiving UDP packets through firewallBlocking outgoing traffic with Windows 10 Firewall for a specific Windows user

1

I have a request to block any incoming connections from a block of IP addresses but they would like to leave the outgoing traffic alone (no block). Is there a way to do this in Windows XP? The Windows Firewall does not seem to be able to do this as far as I can tell, and I tried setting a local ip security policy (secpol.exe) to block this IP range but it blocks in both directions. This would be internal to the local network and the outgoing packets will be UDP so I do not need to worry about packet acknoledgement. Does anyone have any suggestions?

Thanks!

firewall ip security-policy

share|improve this question

edited Sep 26 '13 at 17:13

William MacDonald

asked Sep 26 '13 at 15:52

William MacDonaldWilliam MacDonald

64

bumped to the homepage by Community♦ 10 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  OP, whats your service pack version? windows firewall was introduced with SP2, and is inbound only. @Ramhound: XP was popular before home routers/NAT gateways became ubiquitous, and it also loaded many network accessible services by default, so a box on an open internet connection was very vulnerable straight out of the box. MS has made great strides in making their default OOB settings safer over the last decade, by hardening their IP stack and leaving network accessible service off unless explicitly enabled. It sometimes suprises me how far we've come (...makes me feel old...).
  
  – Frank Thomas
  Sep 26 '13 at 16:16
  
  
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  @FrankThomas - I am very familar with Windows Firewall and it was designed to solve a specific problem that was popular ( basically port attacks on open ports ) at the time. My comment is also incomplete by mistake so I will just delete it. It was suppose to say "...does not have the ability to blocking incoming traffic but allow outgoing traffic ... then you will require more advanced security software"
  
  – Ramhound
  Sep 26 '13 at 16:23
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  If you block all traffic coming in from an IP then you can't communicate with that IP (in or out), as you won't get the answers/acknowledgments to your requests.
  
  – Ƭᴇcʜιᴇ007
  Sep 26 '13 at 16:33
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  This is Service Pack 2. techie007 makes a good point although the outgoing traffic to this IP would be UDP so I don't need acknowledgements (As far as I know). Although that would explain why I wasn't able to ping that IP once I blocked the incoming traffic...
  
  – William MacDonald
  Sep 26 '13 at 16:45
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @techie007 - Exactly. Which is the reason its a strange to attempt to do that.
  
  – Ramhound
  Sep 26 '13 at 17:05
  

  
  
  
  

 | 
show 1 more comment

1

I have a request to block any incoming connections from a block of IP addresses but they would like to leave the outgoing traffic alone (no block). Is there a way to do this in Windows XP? The Windows Firewall does not seem to be able to do this as far as I can tell, and I tried setting a local ip security policy (secpol.exe) to block this IP range but it blocks in both directions. This would be internal to the local network and the outgoing packets will be UDP so I do not need to worry about packet acknoledgement. Does anyone have any suggestions?

Thanks!

firewall ip security-policy

share|improve this question

edited Sep 26 '13 at 17:13

William MacDonald

asked Sep 26 '13 at 15:52

William MacDonaldWilliam MacDonald

64

bumped to the homepage by Community♦ 10 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  OP, whats your service pack version? windows firewall was introduced with SP2, and is inbound only. @Ramhound: XP was popular before home routers/NAT gateways became ubiquitous, and it also loaded many network accessible services by default, so a box on an open internet connection was very vulnerable straight out of the box. MS has made great strides in making their default OOB settings safer over the last decade, by hardening their IP stack and leaving network accessible service off unless explicitly enabled. It sometimes suprises me how far we've come (...makes me feel old...).
  
  – Frank Thomas
  Sep 26 '13 at 16:16
  
  
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  @FrankThomas - I am very familar with Windows Firewall and it was designed to solve a specific problem that was popular ( basically port attacks on open ports ) at the time. My comment is also incomplete by mistake so I will just delete it. It was suppose to say "...does not have the ability to blocking incoming traffic but allow outgoing traffic ... then you will require more advanced security software"
  
  – Ramhound
  Sep 26 '13 at 16:23
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  If you block all traffic coming in from an IP then you can't communicate with that IP (in or out), as you won't get the answers/acknowledgments to your requests.
  
  – Ƭᴇcʜιᴇ007
  Sep 26 '13 at 16:33
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  This is Service Pack 2. techie007 makes a good point although the outgoing traffic to this IP would be UDP so I don't need acknowledgements (As far as I know). Although that would explain why I wasn't able to ping that IP once I blocked the incoming traffic...
  
  – William MacDonald
  Sep 26 '13 at 16:45
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @techie007 - Exactly. Which is the reason its a strange to attempt to do that.
  
  – Ramhound
  Sep 26 '13 at 17:05
  

  
  
  
  

 | 
show 1 more comment

I have a request to block any incoming connections from a block of IP addresses but they would like to leave the outgoing traffic alone (no block). Is there a way to do this in Windows XP? The Windows Firewall does not seem to be able to do this as far as I can tell, and I tried setting a local ip security policy (secpol.exe) to block this IP range but it blocks in both directions. This would be internal to the local network and the outgoing packets will be UDP so I do not need to worry about packet acknoledgement. Does anyone have any suggestions?

Thanks!

firewall ip security-policy

share|improve this question

edited Sep 26 '13 at 17:13

William MacDonald

asked Sep 26 '13 at 15:52

William MacDonaldWilliam MacDonald

64

share|improve this question

edited Sep 26 '13 at 17:13

William MacDonald

asked Sep 26 '13 at 15:52

William MacDonaldWilliam MacDonald

64

share|improve this question

edited Sep 26 '13 at 17:13

William MacDonald

asked Sep 26 '13 at 15:52

William MacDonaldWilliam MacDonald

64

asked Sep 26 '13 at 15:52

William MacDonaldWilliam MacDonald

64

asked Sep 26 '13 at 15:52

William MacDonaldWilliam MacDonald

64

1 Answer
1

active

oldest

votes

0

You could use PeerBlock. It's a program that lets you block specific IPs. I used it for various gaming servers when I wanted to get rid of the user.

share|improve this answer

answered Sep 26 '13 at 17:00

VladVlad

3483717

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f650717%2fblocking-incoming-connections-from-ip-in-windows-xp%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

You could use PeerBlock. It's a program that lets you block specific IPs. I used it for various gaming servers when I wanted to get rid of the user.

share|improve this answer

answered Sep 26 '13 at 17:00

VladVlad

3483717

add a comment | 

0

You could use PeerBlock. It's a program that lets you block specific IPs. I used it for various gaming servers when I wanted to get rid of the user.

share|improve this answer

answered Sep 26 '13 at 17:00

VladVlad

3483717

add a comment | 

You could use PeerBlock. It's a program that lets you block specific IPs. I used it for various gaming servers when I wanted to get rid of the user.

share|improve this answer

answered Sep 26 '13 at 17:00

VladVlad

3483717

share|improve this answer

answered Sep 26 '13 at 17:00

VladVlad

3483717

answered Sep 26 '13 at 17:00

VladVlad

3483717

answered Sep 26 '13 at 17:00

VladVlad

3483717