www.promanski.info

Blokowanie WWW za pomocą IPSec

Dość często na grupach dyskusyjnych ludzie zadają pytania typu:
“Ja bym chciał mieć internet ale moja siostra Marysia na swoim koncie już nie – jak to zrobić?”. No i zaczyna się jazda z kombinowaniem z portami, przekierowaniami, firewallami programowymi… i po co? Wystarczy IPSec z Windows.

W poprzednim artykule przedstwiłem w jaki sposób stworzyć Zasadę zabezpieczeń IP oraz Listę filtrów i Akcje filtrowania. Pokazałem w jaki sposób stworzyć najprostrzą regułę blokującą cały ruch sieciowy (zarówno IP jak i ICMP). W tym artykule postaram się pokazać w jaki sposób wykorzystać reguły IPSec w praktyce.

Zaczniemy od najprostrzej, o której mówiłem we wstępie, mianowicie chodzi o zablokowanie WWW (a dokładniej portu 80 lub innego portu przekazującego pakiety WWW – np. niektóre proxy wykorzystują port 8080). W oknie przystawki, którą wcześniej stworzyliśmy (fw.png) klikamy podwójnie na zasadę (wcześniej nazwaliśmy ją Firewall) i w oknie, które się pojawi (firewall_properties.png) klikamy przycisk Dodaj…, w następnym oknie, w zakładce Lista filtrów IP klikamy przycisk Dodaj…, w kolejnym oknie wpisujemy nazwę filtru np. HTTP i klikamy przycisk Dodaj…, w kreatorze, który się pojawi klikamy dalej, wybieramy Adres źródłowy: Mój adres IP, Adres docelowy: Dowolny adres IP, Wybierz typ protokołu: TCP, w kolejnym oknie wybieramy porty: Z dowolnego portuDo tego portu: i w pole wpisujemy port 80 lub jeśli korzystamy z proxy to wpisujemy port proxy. Kończymy pracę z kreatorem.

W oknie (prop_rules.png) powinniśmy widzieć wpis HTTP. Zaznaczamy go i przechodzimy do zakładki Akcje filtrowania. W zakładce zaznaczamy opcję Zablokuj (jeśli jej nie ma przeczytaj artykuł Firewall w Windows), sprawdzamy jeszcze w zakładce Typ połączenia czy reguła będzie odnosić się do wszystkich połączeń sieciowych. Zatwierdzamy zmiany i zamykamy wszystkie okna oprócz (fw.png). Klikamy PPM na Firewall i wbieramy Przypisz.

Od tej chwili reguła powinna działać i blokować dostęp do WWW. Jak to sprawdzić? Otwieramy sobie naszą ulubioną przeglądarkę (Opera, FF, IE, itd…) i wpisujemy jakikolwiek adres, np. www.google.pl :-) i co? Przeglądarka powinna zgłosić błąd, np. taki:
(ff_rule.png), po kliknięciu PPM w oknie zasad zabezpieczeń na Firewall i wybraniu Cofnij przypisanie a następnie odświeżeniu strony wszystko powinno wrócić do normy (strona się wyświetli).

Brak komentarzy do “Blokowanie WWW za pomocą IPSec”

  1. Thank you for each of your hard work on this website. Debby really loves conducting internet research and it’s easy to see why. A lot of people know all regarding the lively means you deliver vital suggestions through the web blog and in addition boost participation from some others on that concept then our favorite daughter is in fact learning a lot of things. Take advantage of the rest of the year. You’re conducting a dazzling job.

  2. My husband and i have been really more than happy when Michael could round up his basic research by way of the precious recommendations he had from your web pages. It’s not at all simplistic to just happen to be giving out methods that many people might have been selling. So we see we’ve got the writer to thank for this. The type of illustrations you’ve made, the simple blog navigation, the friendships your site help to instill – it is mostly remarkable, and it’s really helping our son and the family know that that subject is cool, which is certainly really essential. Many thanks for everything!

  3. My husband and i got absolutely happy when Chris could round up his research through your ideas he obtained out of your blog. It is now and again perplexing to simply continually be giving for free things a number of people might have been selling. We really fully understand we now have you to be grateful to because of that. These illustrations you made, the easy web site navigation, the friendships you will help to foster – it’s got most sensational, and it is letting our son in addition to our family recognize that that concept is amusing, which is certainly unbelievably mandatory. Many thanks for the whole thing!

  4. I’m writing to make you understand what a terrific discovery my daughter gained browsing yuor web blog. She figured out such a lot of issues, including what it is like to possess a wonderful giving character to let the mediocre ones effortlessly know just exactly various grueling subject areas. You truly did more than her expectations. Many thanks for displaying those priceless, healthy, informative and as well as cool guidance on that topic to Julie.

  5. Thanks a lot for providing individuals with an extremely wonderful opportunity to read articles and blog posts from here. It’s always very good and as well , stuffed with fun for me and my office acquaintances to visit the blog at a minimum thrice a week to see the newest stuff you have. Not to mention, I’m also usually happy with the sensational techniques you serve. Certain 1 facts in this article are undoubtedly the very best we’ve had.

  6. My husband and i ended up being really lucky that Emmanuel could deal with his studies with the ideas he had using your web page. It is now and again perplexing to simply always be freely giving facts which most people could have been selling. And now we discover we now have you to thank because of that. All of the illustrations you have made, the simple website menu, the friendships you will give support to create – it’s mostly amazing, and it is aiding our son and our family consider that that theme is excellent, and that’s really vital. Thank you for the whole lot!

  7. I would like to show some appreciation to you for bailing me out of such a trouble. After looking throughout the world-wide-web and seeing notions which were not pleasant, I assumed my life was well over. Being alive without the presence of answers to the issues you have sorted out all through the site is a critical case, and those that could have badly affected my career if I hadn’t discovered your blog post. Your own training and kindness in dealing with all areas was useful. I am not sure what I would have done if I had not encountered such a step like this. I am able to now look ahead to my future. Thanks for your time so much for the high quality and effective help. I won’t think twice to recommend your blog post to any individual who would like guide on this problem.

  8. I enjoy you because of all of your labor on this web page. My mother really likes managing investigations and it’s simple to grasp why. Almost all notice all of the powerful form you provide helpful solutions through your web site and invigorate response from others on that subject matter and our favorite simple princess is in fact discovering so much. Enjoy the rest of the new year. You are performing a dazzling job.

  9. I enjoy you because of all your valuable labor on this blog. Ellie really likes conducting investigation and it is simple to grasp why. Many of us learn all relating to the lively manner you make sensible guides via your web blog and as well encourage response from website visitors on the concern while our favorite daughter is certainly being taught a lot. Take pleasure in the remaining portion of the new year. You’re carrying out a powerful job.

  10. I wish to express some thanks to this writer just for rescuing me from this type of problem. As a result of searching through the world-wide-web and coming across proposals that were not pleasant, I thought my life was well over. Living minus the strategies to the issues you’ve solved as a result of your main website is a critical case, and ones that would have in a wrong way affected my entire career if I had not encountered your blog. Your primary understanding and kindness in touching every item was vital. I am not sure what I would have done if I hadn’t discovered such a stuff like this. I am able to at this moment look forward to my future. Thank you so much for this reliable and amazing guide. I will not be reluctant to suggest your web site to any individual who should get direction on this issue.

Zostaw odpowiedź