Windows - Blocking IPs

Copy the script below, paste it into a text file, and change the file extension to .cmd. Replace the 100.100.100.100 address with the address you want to block.

Start copy HERE :

REM (c) Microsoft Corporation 1997-2003
REM Packet Filters for Server Hardening
REM
REM Name: PacketFilters-ServerHost.CMD
REM Version: 1.0

REM This CMD file provides the proper NETSH syntax for creating an IPSec Policy
REM that blocks all network traffic to an SMTP Bastion Host except for what is
REM explicitly allowed as described in the Windows 2003 Server Solution Guide.
REM Please read the entire guide before using this CMD file.

REM Revision History
REM 0000 - Original March 21, 2003
REM 0001 - Original April 16, 2003

:IPSec Policy Definition
netsh ipsec static add policy name="Packet Filters - Your Web Host" description="Server Hardening Policy" assign=no

:IPSec Filter List Definitions
netsh ipsec static add filterlist name="Banned IPS" description="Server Hardening"

:IPSec Filter Action Definitions
netsh ipsec static add filteraction name=SecPermit description="Allows Traffic to Pass" action=permit
netsh ipsec static add filteraction name=Block description="Blocks Traffic" action=block

:IPSec Filter Definitions
netsh ipsec static add filter filterlist="Banned IPS" srcaddr=100.100.100.100 dstaddr=me description="Banned IPS" protocol=any srcport=0 dstport=0

:IPSec Rule Definitions
netsh ipsec static add rule name="Banned IP Rule" policy="Packet Filters - Your Web Host" filterlist="Banned IPS" kerberos=yes filteraction=Block

END COPY HERE.

This creates an IPsec policy and adds a filter list of blocked IP addresses. The script creates the policy unassigned (assign=no), so you will need to open an MMC console and add the "IP Security Policies" snap-in to assign the policy to your server. From that point you can run the following command from a command line with the IP you want to ban, and it will be banned:

netsh ipsec static add filter filterlist="Banned IPS" srcaddr=PUT.BANNED.IP.HERE dstaddr=me description="Banned IPS" protocol=any srcport=0 dstport=0
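
A wrapper for the ban command above, as an added example (not part of the original Microsoft script): it checks that the argument is a well-formed IPv4 address and refuses to ban an allow-listed management address before calling netsh. It assumes the policy and the "Banned IPS" filter list already exist and the policy is assigned; the file name ban-ip.cmd, the NEVER_BLOCK variable and its sample addresses are hypothetical.

```batch
@echo off
REM ban-ip.cmd (added example): validate an IPv4 address, then add it to "Banned IPS".
REM Usage: ban-ip.cmd 203.0.113.45
setlocal EnableDelayedExpansion

REM Hypothetical allow-list of addresses you administer the server from.
REM Constructed sample values; replace them with your own.
set "NEVER_BLOCK=127.0.0.1 192.0.2.10"

set "IP=%~1"
if not defined IP goto :usage

REM Split on dots; rebuilding the address must give back exactly what was typed.
set "A=" & set "B=" & set "C=" & set "D="
for /f "tokens=1-4 delims=." %%a in ("!IP!") do (
    set "A=%%a" & set "B=%%b" & set "C=%%c" & set "D=%%d"
)
if not defined D goto :bad
if not "!A!.!B!.!C!.!D!"=="!IP!" goto :bad

REM Each field: digits only, at most 3 characters, no leading zero, value 0-255.
for %%v in (A B C D) do (
    set "O=!%%v!"
    set "T=!O!"
    for %%n in (0 1 2 3 4 5 6 7 8 9) do if defined T set "T=!T:%%n=!"
    if defined T goto :bad
    if not "!O:~3!"=="" goto :bad
    if "!O:~0,1!"=="0" if not "!O!"=="0" goto :bad
    if !O! GTR 255 goto :bad
)

for %%s in (%NEVER_BLOCK%) do if "%%s"=="!IP!" goto :protected

REM Same filter definition as the command above, with the validated address.
netsh ipsec static add filter filterlist="Banned IPS" srcaddr=!IP! dstaddr=me description="Banned IPS" protocol=any srcport=0 dstport=0
if errorlevel 1 exit /b 1
REM List the filters now in the list so the new entry can be confirmed.
netsh ipsec static show filterlist name="Banned IPS" level=verbose
exit /b 0

:usage
echo Usage: %~nx0 a.b.c.d
exit /b 1
:bad
echo Not a valid IPv4 address: !IP!
exit /b 1
:protected
echo Refusing to block allow-listed address !IP!
exit /b 1
```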