1
I have a request to block any incoming connections from a block of IP addresses but they would like to leave the outgoing traffic alone (no block). Is there a way to do this in Windows XP? The Windows Firewall does not seem to be able to do this as far as I can tell, and I tried setting a local ip security policy (secpol.exe) to block this IP range but it blocks in both directions. This would be internal to the local network and the outgoing packets will be UDP so I do not need to worry about packet acknoledgement. Does anyone have any suggestions?
Thanks!
OP, whats your service pack version? windows firewall was introduced with SP2, and is inbound only. @Ramhound: XP was popular before home routers/NAT gateways became ubiquitous, and it also loaded many network accessible services by default, so a box on an open internet connection was very vulnerable straight out of the box. MS has made great strides in making their default OOB settings safer over the last decade, by hardening their IP stack and leaving network accessible service off unless explicitly enabled. It sometimes suprises me how far we've come (...makes me feel old...). – Frank Thomas – 2013-09-26T16:16:15.133
1@FrankThomas - I am very familar with Windows Firewall and it was designed to solve a specific problem that was popular ( basically port attacks on open ports ) at the time. My comment is also incomplete by mistake so I will just delete it. It was suppose to say "...does not have the ability to blocking incoming traffic but allow outgoing traffic ... then you will require more advanced security software" – Ramhound – 2013-09-26T16:23:43.457
If you block all traffic coming in from an IP then you can't communicate with that IP (in or out), as you won't get the answers/acknowledgments to your requests. – Ƭᴇcʜιᴇ007 – 2013-09-26T16:33:58.630
This is Service Pack 2. techie007 makes a good point although the outgoing traffic to this IP would be UDP so I don't need acknowledgements (As far as I know). Although that would explain why I wasn't able to ping that IP once I blocked the incoming traffic... – William MacDonald – 2013-09-26T16:45:21.740
@techie007 - Exactly. Which is the reason its a strange to attempt to do that. – Ramhound – 2013-09-26T17:05:18.683
@WilliamMacDonald - The part of sending packets over UDP is important. – Ramhound – 2013-09-26T17:06:02.217