0

I made a firewall rule that blocks access to a site after 3 failed connection attempts, but I still have access to the site on the virtual machine, even if I type the wrong password 3x:

New-NetFirewallRule -Name "Network_Security_Inbound_Blacklist_$maliciousIP" -Profile Any -Direction inbound -Action Block -DisplayName "Network_Security_Inbound_Blacklist_$maliciousIP" -enable True -interfacetype any -RemoteAddress $maliciousIP}
  • To test, I hosted a site locally on my physical machine (Wamp Server) and launched the site from a virtual machine, but the rule does not work
4
  • Where's the rest of the code?
    – SQLTemp
    Commented Jul 1, 2020 at 10:49
  • In fact, I work with a tool which, after 3 failed access attempts, executes this piece of code, which creates the rule.
    – mgh
    Commented Jul 1, 2020 at 11:00
  • If your malicious variable is empty or is not an IPv4 or IPv6 address, this script will crash. Can you confirm what the variable getting passed through is? (Assuming your curly brace is from the rest of your code that is not included in the question.)
    – SQLTemp
    Commented Jul 1, 2020 at 11:22
  • @mgh If the right bracket is from the rest of the unposted code, it should be removed, as it doesn't apply to the question and is only going to cause confusion (as it stands, the firewall rule is broken due to the missing left bracket)
    – JW0914
    Commented Jul 1, 2020 at 11:25

1 Answer

0

Replace the firewall rule with a command that produces a text file to prove the firewall is actually executing the code after three failed attempts, then try this, instead of your rule:

New-NetFirewallRule -DisplayName "Block Inbound Port 80" -Direction Inbound -LocalPort 80 -Protocol TCP -Action Block
1
  • 1
    Please use correct markdown when creating answers and questions by using the formatting toolbar or help icon.
    – JW0914
    Commented Jul 1, 2020 at 11:20
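
One way to combine the answer's "prove the code ran" check with the input validation raised in the comments, as an added example that is not part of the original question or answer. The function name `Add-InboundBlockRule` and the log path are assumptions; the rule parameters are the ones from the question.

```powershell
# Added example, not from the original post. Function name and log path are
# hypothetical. Run in an elevated session on the machine hosting the site.
function Add-InboundBlockRule {
    param(
        [string]$MaliciousIP,
        [string]$LogPath = "$env:TEMP\blocklist-trigger.log"   # hypothetical path
    )

    # 1. Leave evidence that the trigger fired and which value it passed in.
    Add-Content -Path $LogPath -Value "$(Get-Date -Format o) triggered with '$MaliciousIP'"

    # 2. Reject empty or non-address input before it reaches the firewall cmdlet.
    #    TryParse is lenient (it accepts short forms such as "1"), so the log
    #    records the parsed value for comparison with the raw one.
    $parsed = $null
    if (-not [System.Net.IPAddress]::TryParse($MaliciousIP, [ref]$parsed)) {
        Add-Content -Path $LogPath -Value "  rejected: not an IPv4/IPv6 address"
        return $false
    }

    # 3. Create the rule once; repeated triggers for the same address reuse it.
    $name = "Network_Security_Inbound_Blacklist_$parsed"
    if (-not (Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -Name $name -DisplayName $name -Profile Any `
            -Direction Inbound -Action Block -Enabled True `
            -InterfaceType Any -RemoteAddress $parsed.ToString() | Out-Null
    }

    # 4. Read the rule back and log what the firewall actually stored.
    $rule = Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue
    if (-not $rule) {
        Add-Content -Path $LogPath -Value "  rule '$name' was not created"
        return $false
    }
    $remote = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
    Add-Content -Path $LogPath -Value "  rule=$name enabled=$($rule.Enabled) action=$($rule.Action) remote=$remote"

    return ($rule.Enabled -eq 'True' -and $rule.Action -eq 'Block')
}
```

If the log shows the trigger firing and the rule reading back as enabled, compare the logged remote address with the source address the web server records for the virtual machine's requests.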
