Usually, for windows users there might be cases where we need to
block access/traffic to certain host/servers on some ports using
different protocols. This can be done by network administrator using a
firewall. But these firewalls are expensive and need more configurations
to perform the tasks.
Also these programs need more system resources like Memory and CPU.
Microsoft provides Windows support tools for Windows XP, a command prompt based tool for advanced users to help assist users solve Network block issues. The file name is WindowsXP-KB838079-SupportTools-ENU.exe available in Microsoft Website. This tool creates IPSEC policies which can block traffic to any host and destination.
Ok enough of theory now let’s comes to practicals.Download and install windows support tools by clicking here.
Launch the Program by going to Start->All Programs->Windows Support Tools->Command Prompt. The command used is IPSECCMD.EXE.
Syntax: ipseccmd.exe –f [source IP]= [destination IP]: Port : Protocol
Source ip and destination ip are the host address.
Port: port number on which the traffic is blocked
Protocol: TCP or UDP
E.g.: ipseccmd.exe –f 10.10.10.10=20.20.20.20:80: TCP
The above command will block all the TCP traffic on port 80 from 10.10.10.10 to 20.20.20.20. For removing the above rule use the command ipseccmd.exe -u
Please refer the screen shot for the output
Note: In some machines the IPSEC services might be stopped, in this case you have to start the IPSEC services in windows services for this tool to work properly
Also these programs need more system resources like Memory and CPU.
Microsoft provides Windows support tools for Windows XP, a command prompt based tool for advanced users to help assist users solve Network block issues. The file name is WindowsXP-KB838079-SupportTools-ENU.exe available in Microsoft Website. This tool creates IPSEC policies which can block traffic to any host and destination.
Ok enough of theory now let’s comes to practicals.Download and install windows support tools by clicking here.
Launch the Program by going to Start->All Programs->Windows Support Tools->Command Prompt. The command used is IPSECCMD.EXE.
Syntax: ipseccmd.exe –f [source IP]= [destination IP]: Port : Protocol
Source ip and destination ip are the host address.
Port: port number on which the traffic is blocked
Protocol: TCP or UDP
E.g.: ipseccmd.exe –f 10.10.10.10=20.20.20.20:80: TCP
The above command will block all the TCP traffic on port 80 from 10.10.10.10 to 20.20.20.20. For removing the above rule use the command ipseccmd.exe -u
Please refer the screen shot for the output
Note: In some machines the IPSEC services might be stopped, in this case you have to start the IPSEC services in windows services for this tool to work properly
No comments:
Post a Comment