04-19-2023, 06:51 PM
>>In other words: The server does not respond and is therefore "invisible".
>>Or is there an adequate possibility somewhere else?
Outside of IW I wrote a Win32 app to maintain a list of ip's or subnets to block when needed (this could be also done inside of ServerCrontoller). If my IW apps don't like a request and want to block it they just add the ip to an Sqlite database monitored by the Win32 app. The Win32 app also scans my SMTP logs and looks for intrusion attempts, etc. Once a minute the Win32 app looks for new entries and if found creates and runs a PowerShell script to add to an inbound rule of Windows Firewall that blocks the ip or subnet. After that the server really does become invisible to the original connection. I let the blocked addresses roll off after 24 hours. Very low tech but it seems to work.
![[Image: ID_IP.png]](https://mjs.us/Docs/ID_IP.png)
>>Or is there an adequate possibility somewhere else?
Outside of IW I wrote a Win32 app to maintain a list of ip's or subnets to block when needed (this could be also done inside of ServerCrontoller). If my IW apps don't like a request and want to block it they just add the ip to an Sqlite database monitored by the Win32 app. The Win32 app also scans my SMTP logs and looks for intrusion attempts, etc. Once a minute the Win32 app looks for new entries and if found creates and runs a PowerShell script to add to an inbound rule of Windows Firewall that blocks the ip or subnet. After that the server really does become invisible to the original connection. I let the blocked addresses roll off after 24 hours. Very low tech but it seems to work.