locked
Blocking a list of IPs - Vista RRS feed

  • Question

  •  

    Is there someway i can import a list of blocked ip's to windows vista firewall?

    • Go into "Windows Firewall with Advanced Security"
    • Click "New Rule"
    • Click “Custom” [Enables creating custom rules]
    • Click “Next”
    • Click “All Programs”
    • Click “Next”
    • Selected Protocol type “Any” [Since we wish all block all communication]
    NOW HOW TO INSERT THE RANGE OF IPS GENERATED BY BLOCKLIST MANGER HERE?

     

    Thursday, February 28, 2008 2:10 AM

Answers

  • Hi

    Windows Vista Firewall blocks by default all incoming network connections on public networks (such as the internet). This means that any IP that you haven't created an exception for is blocked from accessing your computer on any port.

    Adding that large list of IPs to the block list is simply unneeded.
    Tuesday, March 4, 2008 9:14 PM

All replies

  • Hi Smile

    If you could tell us what exactly are you trying to acomplish we might suggest a better way, rather than a static firewall block on a bunch of IPs. To my knowledge, you can't import a pre-populated list of IPs into the firewall.
    Saturday, March 1, 2008 8:24 AM
  • Well i have a (large) list of ips from which i wish to isolate my computer from. Putting those ip's to my block list manually (which would mean 1 ip at a time) is not an option for me!


    I donot wish to run 3rd party application since they are not fully compatible with vista nor do they do a complete job.


    Now what am i suppose to do? : |

     

    Tuesday, March 4, 2008 12:49 AM
  • Hi

    Windows Vista Firewall blocks by default all incoming network connections on public networks (such as the internet). This means that any IP that you haven't created an exception for is blocked from accessing your computer on any port.

    Adding that large list of IPs to the block list is simply unneeded.
    Tuesday, March 4, 2008 9:14 PM
  • Well a very minor example could be found on visiting http://abcnews.go.com/, where I do not wish to connect to "203.81.232.116", which belongs to Starware Corporation. Details about this company can be found below;

     

    Adware.StarwareUpdated: February 13, 2007 11:43:40 AM

    Type: Adware

    Publisher: Starware.com

    SUMMARYBehavior

    Adware.Starware is a Browser Helper Object that creates a search bar in Internet Explorer. It also displays advertisement web pages.

    [Reference Site: http://www.symantec.com/security_response/print_writeup.jsp?docid=2005-050313-4341-99]

    As you said earlier “To my knowledge, you can't import a pre-populated list of IPs into the firewall.” & my argument is Why not? There should be a way! After such claims about security & privacy ...

    Friday, March 7, 2008 1:30 AM
  • Hi Smile

    First of all, we need to clear up some things. Visiting that page will not get you infected. Installing the Starware Toolbar is considered a risk, but visiting that page isn't.

    If you want to block certain sites, you can use the HOSTS file. Create a text file on your desktop and name it HOSTS. Begin the file with :

    127.0.0.1       localhost
    ::1             localhost

    And continue in the same pattern

    127.0.0.1   Bad host << this will null-route the request for that given host. When you save it, save it without an extension and move it to the c:\windows\system32\drivers\etc\ . You can use an already created HOSTS file as the MVP Hosts File.
    You can easily paste your list of sites on top of the MVP hosts file (that contains already alot of known bad sites)

    Friday, March 7, 2008 11:05 AM
  • well not exactly what i was looking for but good bit of info!!
    Thanks!


    Wednesday, May 7, 2008 5:39 PM
  •  

    It is possible to create outbound firewall block rule using the Windows Firewall with Advanced Security snap-in. Please refer to: http://technet.microsoft.com/en-us/library/bb877967.aspx

     

    Wednesday, May 7, 2008 7:20 PM
  • windows firewall is not the easiest to configure.. given that i wish to have ip level control over most applications except internet browser. I would have to keep updating the rules all day long if i were to implement this in WF. (leave everything aside and start doing this .. ha).






    Saturday, May 10, 2008 8:41 AM