How do i block a IP in Server 2003?


Recommended Posts

Theres some idiots/bots that are trying to "brute force" my MSSQL server. Pretty weird, the same day i set it up, two (pretty similar) IP's started to try logon to it every second. The stupid guys was even so stupid that the first day they only tried "admin" and "root" account, which of course does not exist, as "sa" is the default admin account :rolleyes:

Anyway, are there anyway i can block ALL request these IP's make to my server?

My router does not have any IP-blocking features, only port blocking.

And in Window's TCP/IP settings it's only possible to block all and allow specified IP's - not allow all, except some specified.

Anyone have any suggestions?

Link to comment
https://www.neowin.net/forum/topic/456687-how-do-i-block-a-ip-in-server-2003/
Share on other sites

  2shae said:

dont allow incoming connections to the port of mysql at all

It's a server for a reason - to be accessable ;)

Pretty amazing that a Server OS misses something as essential as this...

I think i'll go for a new router/firewall.

Anyone know any recommended not-too-advanced WLAN routers? It must be able to block IP's :p

My first question, why do you have a windows server open to the internet? ALWAYS put a server behind a firewall and open only ports you need......

from what i read, some people suggesting adding

ip route x.x.x.x 127.0.0.1

it will null route it to local loopback, not sure if it works....

  GeeZuZz said:

It's a server for a reason - to be accessable ;)

Pretty amazing that a Server OS misses something as essential as this...

I think i'll go for a new router/firewall.

Anyone know any recommended not-too-advanced WLAN routers? It must be able to block IP's :p

I'd setup an IPcop box for your firewall. Then you could forward traffic from those IPs to a nonexistant subnet.

  Intelligen said:

My first question, why do you have a windows server open to the internet? ALWAYS put a server behind a firewall and open only ports you need......

He never said he did. He is apparently serving a SQL database over the net though.

  Intelligen said:

My first question, why do you have a windows server open to the internet? ALWAYS put a server behind a firewall and open only ports you need......

from what i read, some people suggesting adding

ip route x.x.x.x 127.0.0.1

it will null route it to local loopback, not sure if it works....

That would prevent your server from having its responses reach the destination (the IP you want to block) but it would not prevent them from sending traffic to your server.

To do what you want, you will need a firewall of some kind. But you shouldn't be running ANY server without a firewall in the first place...

You have a SQL server, it is available on the net, you don't have a firewall and people are trying to hack into it.

It doesn't matter if you block a few IP ranges. Do you think a hacker is going to use a connecting with a static IP that will be tracable back to him/her?

Just put a proper Server firewall onto the system.

Why do you say i don't have a firewall? Of course i have a firewall, but i can't close everything down, the whole point of the server is to make it accessible, and theres many different IP-adresses that needs to access it, so it would be hard to deny everyone, except given IP's.

MazX_Napalm: Yes it matters if i block those two who are trying. Of course new IP's will try, but i will discover fast and block them.

Seems like you guys are advising me to disconnect my server from the internet. Do you usually advise people with Webservers to get a firewall and close port 80? :unsure:

Were not advising you to take it off the internet, just have a firewall and only allow certain IPs to connect to a certain port. Not sure why you are using the database over internet though.

Is there an application having to connect to your database from a remote location i'm guessing????

If its just a web site connecting to database, allow on your firewall traffic to and from your sql database to your web server. Guess not really sure how your setup is.

Sorry for hte ip route suggestion, after i wrote it, i knew exactly what i said and just left it for someone else to correct my idea. Found it through google... whoops!

  Steven said:

Pretty sure you can accomplish this in the "Routing and Remote Access" services or use TCP/IP Filters. :)

http://www.windowsnetworking.com/articles_...figuration.html

Thanks, i'll try that. As mentioned "TCP/IP-filters can't be use because it for some strange reason won't let me block a single or group of addresses, only the opposite.

Intelligen: It should be available for applications on PC, cell-phones and web - many different IP's and ranges.

Edited by GeeZuZz

Why not block the address range on the router or firewall? Also, you mention that it needs to be accessible. Not all of it. Only route the ports on the firewall over to the server that are needed. Then, setup a firewall rule to block the IP address ranges you need. You can do everything you need on the firewall and not have to touch the server. This will also keep it safe and keep the would be hackers from finding another way in (Windows vulderability, anyone).

Of course you could not follow my advice and the advice of others. We all need more rouge machines on the net acting as bots and spam blasters.

What router/firewall are you using? Any decent basic soho device should allow to block by IP or ranges.. Something as cheap as the linksys rv042 allows for this;

"has IP address filtering so you can specify exactly who has access to your network"

Any firewall/gateway distro can do this, ie IPcop, m0n0wall, etc.. some do it out of the box, others have addons that provide a gui to configure it with out having to directly write the rules, etc.. But all can do it. You can even write scripts to watch your logs, if you see unwanted type traffic - you can then block that IP, etc..

If you current border device does not provide you the functionality you want - get one that does!

betasp: As mentioned, i already have a firewall. Everything is blocked except a few ports (1433, 80, 113 e.g) that are redirected to my server.

It's a 3com router w/firewall, and yes i thought is was weird also that theres no possibility to block IP/ranges.

Anyway, i decided to buy a new router with a little more advanced firewall feature. I think I'll go for D-link 4300, as everybody brags about it.

  majortom1981 said:

you should be able to atleast block mac addresses.

My microsoft mn-700 shows what ip adresses are connected and there mac addresses. Then you can actually blokc the macs that u dont want.

You're referring to MAC filtering, which configures which MAC addresses the router will accept connections from. You can't put in the MAC address of a machine on the internet (1. because you don't know it, and 2. because it wouldn't matter due to gateways).

  GeeZuZz said:

I think I'll go for D-link 4300, as everybody brags about it.

Really ???

* Introducing GameFuel™ Priority Technology designed to provide the uninterrupted and latency-free gaming experience serious online gamers expect

* Customized with game-centric features boasting maximum flexibility for configuration and performance

* Unparalleled 802.11g wireless performance

* Designed for the Gamers Network

Yeah those types of features seem like EXACTLY what your after in securing your network :rolleyes:

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • How to reduce the annoying Liquid Glass effects on iOS 26 by Aditya Tiwari Apple announced Liquid Glass at WWDC 2025 in all of its glory. It's a new glass-inspired design language from the iPhone-maker making its way to most of its software platforms, including iOS 26, iPadOS 26, macOS 26, tvOS 26, and watchOS 26. Apple markets Liquid Glass as a new translucent material that "behaves like glass in the real world. Its color is informed by surrounding content and intelligently adapts between light and dark environments." The Cupertino giant isn't wrong. The new glass-inspired design does bring a fresh coat of paint and some beautiful visuals to the iPhone and other Apple-made devices. However, as the dust from the mega arrival settles, people are starting to realize the current drawbacks of having too much glass on their device. There have been reports of users, including those at Neowin, experiencing readability issues, background separation issues, and trouble focusing on the content displayed on the screen due to its transparent nature. While these are small nuances on Apple's part that can be fixed without much hassle, it's degrading the initial experience of what the company calls its biggest visual upgrade since iOS 7. That said, there are some workarounds built into iOS 26 that will help you tone down the shortcomings. If you're running the iOS 25 Developer Beta 1 on your supported iPhone model, you can follow these steps to make things a little better: Go to the Settings app on your iPhone. Scroll down and tap on Accessibility > Display & Text Size. Next, you'll find two toggle options: Reduce Transparency and Increase Contrast. When you enable the Reduce Transparency toggle button, iOS 26 can "improve contrast by reducing transparency and blurs on some backgrounds to increase legibility." The other toggle, Increase Contrast, does what its name suggests. It can "increase color contrast between app foreground and background colors." Enabling each of these toggle buttons individually or simultaneously will have different effects on your iPhone's user interface. Control Center is being criticized for the extra transparency, making the UI look cluttered and difficult to focus. Here, the Reduce Transparency button adds a darker background to make the Control Center UI elements stand out. Liquid Glass transparency issues are also prevalent in the Notification Center and the navigation controls of various apps. In the image above, see how the text of the navigation buttons has become unreadable or hard to focus on with certain backgrounds. It's challenging to determine what can trigger such behavior, as one can have countless color combinations on their device. In the image below, this is how these buttons look when both Reduce Transparency and Increase Contrast are enabled. It's still a hit or miss depending on what colors you are dealing with. Part of the blame also goes to the fact that iOS 26 is still an early beta, and the change doesn't render as intended every time. You can also notice the difference in the look and feel of the Control Center when reduced transparency is turned on. On a side note, you can add the Reduce Transparency and Increase Contrast buttons in the Control Center for quicker access. That said, let's wait to see what changes Apple will implement as it continues to gather feedback through the beta program. Hopefully, the software will become more stable when the first public beta of iOS 26 arrives sometime in July. Interested users can try out the latest iPhone update through the developer beta program, noting that early builds might come with unexpected bugs and issues.
    • Austin residents rally against Tesla's robotaxi launch by Hamid Ganji Tesla's plan to launch its robotaxi service in Austin, Texas, has sparked protests in the city. While the EV maker targets June 22 as the launch date, local residents are raising their voices against the plan due to political disagreements and safety concerns. As reported by CNBC, public safety advocates and political protesters are organizing protests against Tesla's robotaxi launch in Austin. Members of the Dawn Project, Tesla Takedown, and Resist Austin have cited safety issues with Tesla's automated driving systems. Meanwhile, Elon Musk's involvement in Donald Trump's administration and his work in the Department of Government Efficiency (DOGE) has prompted another group of people to join the Austin protests against Tesla. To show Austin citizens the safety problems of Tesla's self-driving system, The Dawn Project brought a Tesla Model Y to the protest, equipped with the company's Full Self-Driving (FSD) software (version 13.2.9). In the demonstration, the Model Y with FSD software reportedly zoomed past a school bus with a stop sign held out and ran over a child-sized mannequin placed in front of the car. The FSD package includes automatic lane-keeping, steering, and parking. It is unclear to what extent this test was conducted under standard conditions or what Tesla's defense is. However, multiple cases of Tesla FSD software malfunction in the past have resulted in collisions or severe accidents, according to data collected by National Highway Traffic Safety Administration. Interestingly, The Dawn Project CEO Dan O'Dowd is the CEO of another company that sells embedded safety and security solutions to carmakers like Ford and Toyota. It remains to be seen whether Tesla could launch a robotaxi service in Austin despite the residents' protests. Earlier this week, Elon Musk demonstrated the new version of Tesla's FSD software in a post on X. Musk's decisions on DOGE fuel public backlash against Tesla. While Musk left the Trump administration after a beef with the president, he's still a target of public criticism, which directly imapcts Tesla. As a result, the slow sales have even caused Tesla to sell its Cybertruck with 0 percent APR to boost sales.
    • I'm sure Denmark would stand to lose a lot if US consumers stopped buying Danish products, whether that's Lurpak butter or hi-fi equipment.
    • JD Vance will be the next President. Who've the Democrats got? Harris again? lol....
    • Microsoft Edge gets new password feature and security fixes by Taras Buria Microsoft has released a new update for the Edge browser in the Stable Channel. Version 137.0.3296.83 introduces a new password feature and fixes security vulnerabilities to make your browsing experience safer. Starting with new features, Microsoft Edge 137 now supports Secure Password Deployment. Microsoft recently announced this for IT admins, allowing them to share encrypted passwords with user groups. This service lets users log into websites without seeing their passwords, thus enhancing the organization's security. You can read more about Microsoft Edge Secure Password Deployment in our recent article here. Security updates in Microsoft Edge 137.0.3296.83 include two fixes for Chromium vulnerabilities: CVE-2025-5958: Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2025-5959: Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) You can update Microsoft Edge to the latest version by heading to edge://settings/help. The browser can also update itself automatically in the background and apply updates between restarts. In case you missed it, Microsoft released Edge 137 by the end of May. The update deprecated quite a lot of existing features, including Wallet, Image Editor, Image Hover, Mini menu, and Video Super Resolution. It also introduced Web Content Filtering and enhancements for the picture-in-picture player and Find on Page in Microsoft Edge for Business. The next feature update for Microsoft Edge, version 138, is expected on the week of June 26, 2025, as part of the standard four-week release cadence.
  • Recent Achievements

    • Week One Done
      LagFighterZ earned a badge
      Week One Done
    • First Post
      ThatGuyOnline earned a badge
      First Post
    • One Month Later
      5i3zi1 earned a badge
      One Month Later
    • Week One Done
      5i3zi1 earned a badge
      Week One Done
    • Week One Done
      julien02 earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      546
    2. 2
      ATLien_0
      229
    3. 3
      +FloatingFatMan
      165
    4. 4
      Michael Scrip
      119
    5. 5
      +Edouard
      91
  • Tell a friend

    Love Neowin? Tell a friend!