• Welcome to the SPJ Community a Social Media Talk Forum

    Register Now, it's Free! You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, Join Our Community Today!

    If you have any problems with the registration process or your account login, please contact contact us.

    We offer to our community member a place to vent too. And not worry about Corporate America Violating our privacy. But of course be RESPECTFUL !!! , If there's anything we missed, Please utilize the posting features so we can make things happen So why don't you join US !! And Benefit To What We Can Offer. Then register with our Social Media Talk Forum - When Social Talk is Social, and edit your profile and include A General Info of yourself and start posting. GOOD LUCK !!
Resource icon

Freeware QaasWall for Windows 1.0.2

No permission to download
/*
* =====================================================================================
*
* Project: QaasWall for Windows
*
* Description: Automatically block IPs with toomany connections.
*
* Version: 1.0.2
* Created: 21 March 2010
* Revision: none
*
* Author: Martin H , Chief Research and Development Officer.
* Company: www.eukhost.com
* Copyrights: QaasWall (C) Martin H - www.eukhost.com 2010
*
* =====================================================================================
*/


QaasWall For Windows.

The Story Behind

I have been working on how to block IP Addresses on Windows server for 2 years due to the fact that Windows 2003 Server did not have any option in the default firewall to block a single IP address and these is the reason I was curious to create something that would allow us to block a single IP address on the server. Then we found IP security policy which looked a bit complicated and difficult to configure however we managed to master it in no time. We have always faced numerous attack on our Windows server specially a brute force attack on the MSSQL master login “sa” and it use to be a pain in back side to block single IP address every time. This was the only reason (or you can call it a desperate need) why QaasWall was brought to life.

About QaasWall

After thinking allot I decided to name the firewall as QaasWall. The word “Qaas” in Arabic means Tough which spells it as ToughWall.

Introduction

QaasWall basically uses IP security policy to block IP address and if you install QaasWall, all your previous rules would get disabled and it works in layers which are mentioned below:

1. It will scan all the standard ports DNS, MSSQL, MySQL, SMTP, POP3, HTTP, SSL and Sharing on the server and save its out put in a file, which is saved in the /temp directory, with the info on how many connections does each IP address have on them.

2. Any IP that has more than 100 connection at the time of scan will be blocked using Windows IP security Policy, named “Qaas Policy”. Any IP address that has been already blocked, added in white list file or belong to the server will be ignored.

3. Currently QaasWall creates 2 schedule tasks, QassWall and Qaas Empty, one of it is to scan services every 5 mins and other to delist IP addresses after 24 hours.

4. The IP will remain blocked for 24 hours (max) and Qaas will release the IP address then.. These setting can be changed by rescheduling the Task.

QaasWall also has a white list file where you can add IP that you want to be safe. Any IP that belong to the server or is already blocked or is added in the white list, will be ignored.

Usage

Basically users does not need to make any efforts other than running the setup on the server. Qaas has 2 built in programs in itself:

blocq:
usage : blocq 123.123.123.123

This will block the IP address on the server, it can be used manually if you want to manually block IP addresses.

ublocq:
usage : ublocq 123.123.123.123

This command will remove the IP address from the firewall.

Uninstall:

Run following commands to uninstall it:

netsh ipsec stat delete policy name="Qaas Policy"
FOR /F "usebackq tokens=*" %P IN ("%windir%\old_path.log") DO SET PATH=%P
SCHTASKS /Delete /TN "Qaas Empty" /f
SCHTASKS /Delete /TN "Qaas Wall" /f
rmdir /Q /S %systemdrive%\Qaas\
  • id-clean-sheet-co.jpg
    id-clean-sheet-co.jpg
    11.1 KB · Views: 7
Author
puertoblack2003
Downloads
0
Views
91
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from puertoblack2003

Top