jessem, posted November 10, 2009:

I have a few PHP scripts that plot down the remote user's IP on a text file when certain conditions are met. I would like an AutoIt script that will act as a firewall to block the IP addresses on this list and I honestly have no clue where to start for this one. Suggestions? Is there a script already out there for this?

Bert, posted November 10, 2009:

What has a search of the forum resulted in?

jessem, posted November 10, 2009:

> What has a search of the forum resulted in?

Stuff from 2005 saying that it can't be done (however I know AutoIt has changed quite a lot since then), also some client-server communication stuff. A function accepting certain IPs.

I poke my head in the forums here enough to know to search first (you'll generally find an answer) and to post some code on where you're at. I'm still looking though.

jessem, posted November 10, 2009:

> Stuff from 2005 saying that it can't be done (however I know AutoIt has changed quite a lot since then), also some client-server communication stuff. A function accepting certain IPs.
>
> I poke my head in the forums here enough to know to search first (you'll generally find an answer) and to post some code on where you're at. I'm still looking though.

Well, I thought for sure that there would now be some block incoming IP function. What a super handy thing to have had running as a service alongside a web server.

I won't give up the ghost though!

Jos (Developers), posted November 10, 2009:

> Well, I thought for sure that there would now be some block incoming IP function. What a super handy thing to have had running as a service alongside a web server.
>
> I won't give up the ghost though!

Use the standard functions that come with your webserver or install a proxy to scan the traffic, but forget about using AutoIt3 for that. AutoIt3 can probably help out updating your webserver's blacklist.

Jos

JohnOne, posted November 10, 2009:

I probably have no business in this thread being a noob, but could you not use AutoIt to just add these lists to your hosts file?

Jos (Developers), posted November 10, 2009:

> I probably have no business in this thread being a noob, but could you not use AutoIt to just add these lists to your hosts file?

Adding stuff to the hosts file will only disable the DNS resolution for a hostname and not block access via port 80 for an IP address.

jessem, posted November 10, 2009:

Ya, I was kind of hoping for something closer to the NIC and not at the server level. I could just have the PHP scripts add the promiscuous guest to the deny list on the .htaccess, but that's only stopping them from poking around on the website. They could still try and abuse other aspects of the server.

AutoIt would have been perfect because I thought for sure it could read incoming IPs to the machine (like TCPAccept) and just not grant access to those on a list.

Jos (Developers), posted November 10, 2009:

> Ya, I was kind of hoping for something closer to the NIC and not at the server level. I could just have the PHP scripts add the promiscuous guest to the deny list on the .htaccess, but that's only stopping them from poking around on the website. They could still try and abuse other aspects of the server.
>
> AutoIt would have been perfect because I thought for sure it could read incoming IPs to the machine (like TCPAccept) and just not grant access to those on a list.

There is nothing close to the NIC that would help. You will have to check stuff on Layer 3 (IP level). So I cannot see any reason not to use the webserver application to do the blacklisting for you.

Jos

Richard Robertson, posted November 10, 2009 (edited November 10, 2009 by Richard Robertson):

You could always just buy a good router and set it in front of your server machine. If you find the right firmware (or pay enough) you can add blacklisted IPs to the router from a trusted source (the server).

jessem, posted November 10, 2009:

> You could always just buy a good router and set it in front of your server machine. If you find the right firmware (or pay enough) you can add blacklisted IPs to the router from a trusted source (the server).

Ooh, but automation would be so much more fun, quicker and generally more reliable than manually updating my current hardware firewall every morning when I am at work.

Being able to add an IP to a blacklist on the fly would be so much more powerful than trusting myself (aka dumb human).

Jos - agreed with only using the webserver to block access to the webserver for now, but I'm pretty sure that's only OSI layer 7 and won't offer any protection to other aspects of my server.

I'll keep my eyes open and will update this post if I find an AutoIt solution for this in the future. It would be quite useful to other admins, I'm sure.

Thanks for the suggestions!

JohnOne, posted November 11, 2009:

> Ooh, but automation would be so much more fun, quicker and generally more reliable than manually updating my current hardware firewall every morning when I am at work.
>
> Being able to add an IP to a blacklist on the fly would be so much more powerful than trusting myself (aka dumb human).
>
> Jos - agreed with only using the webserver to block access to the webserver for now, but I'm pretty sure that's only OSI layer 7 and won't offer any protection to other aspects of my server.
>
> I'll keep my eyes open and will update this post if I find an AutoIt solution for this in the future. It would be quite useful to other admins, I'm sure.
>
> Thanks for the suggestions!

At the risk of making another fail post.

If you were to go down the router path, could you not use AutoIt to automate the updating of the blocked IPs?

jessem, posted November 12, 2009:

> At the risk of making another fail post.
>
> If you were to go down the router path, could you not use AutoIt to automate the updating of the blocked IPs?

That's a good idea, but it would require the server and firewall to be logged in at all times. That could end up being more of a hassle and security risk in the long run.

Confuzzled, posted November 14, 2009:

Try PeerGuardian (oldie but goodie) or PeerBlock (new kid on the block) - both from the same code source and currently free. Not firewalls - just blockers.

Both have automated updates that you can schedule (please don't overload their servers with hourly updates - weekly is usually fine). Enough flexibility so you can exercise your coding charms to generate blacklists and whitelists to import, although you might want to rely on some of the better known sources such as Bluetack.

Oh, and make sure you are firewalled, as well.

Comment: If you are trying to craft a firewall from AutoIt, then I strongly suspect you are significantly lacking in understanding of how a firewall operates and a prime candidate for getting hacked.

Richard Robertson, posted November 15, 2009:

I suppose I was vague in my post before. I meant that if you find the right firmware, you can upload new instructions from an application (your script).

Anteaus, posted November 15, 2009:

> I have a few PHP scripts that plot down the remote user's IP on a text file when certain conditions are met. I would like an AutoIt script that will act as a firewall to block the IP addresses on this list and I honestly have no clue where to start for this one.
>
> Suggestions? Is there a script already out there for this?

As already mentioned, it would be easier to do this at application level. If it's a webserver you're running, then most of these have a blocklist, and it shouldn't be too difficult to write a PHP script which will add the address. (I would have thought using PHP would be preferable here rather than mixing languages.)

On which note, have you checked the PHP forums for ready-made scripts to add IPs to Apache or suchlike blocklists?

Other option, if you use a router to connect, is to have a script upload the IP to the router's IP filter. This could be done using PHP's FTP functions, or by using AutoIt to control a browser window logged in to the router.
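
The .htaccess deny-list approach that jessem and Anteaus describe, as an added example that is not part of the thread: it validates each logged address before it reaches the config file, skips addresses that must never be blocked, and rewrites only a marked section of the file. The file names, the BEGIN/END markers and the never-block list are assumptions, and as noted in the thread this only protects the web server, not other services on the machine.

```php
<?php
// Added example, not from the thread. File names, markers and the allowlist
// are assumptions. Syntax is Apache 2.2 Order/Allow/Deny (mod_access_compat on 2.4).
const BEGIN_MARK = '# BEGIN auto-blocklist';
const END_MARK   = '# END auto-blocklist';

function load_blocklist(string $listFile, array $neverBlock): array
{
    $ips = [];
    foreach (file($listFile, FILE_IGNORE_NEW_LINES) ?: [] as $line) {
        $ip = trim($line);
        // Only valid IPv4/IPv6 literals reach the config; stray text is dropped.
        if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
            continue;
        }
        $ip = inet_ntop(inet_pton($ip)); // canonical form, so duplicates collapse
        if (!in_array($ip, $neverBlock, true)) {
            $ips[$ip] = true;
        }
    }
    return array_keys($ips);
}

function render_block(array $ips): string
{
    $out = [BEGIN_MARK, 'Order allow,deny', 'Allow from all'];
    foreach ($ips as $ip) {
        $out[] = "Deny from $ip";
    }
    $out[] = END_MARK;
    return implode("\n", $out) . "\n";
}

function update_htaccess(string $htaccess, array $ips): void
{
    $current = is_file($htaccess) ? file_get_contents($htaccess) : '';
    $managed = '/^' . preg_quote(BEGIN_MARK, '/') . '.*?^' . preg_quote(END_MARK, '/') . '\R?/ms';
    $rest = rtrim(preg_replace($managed, '', $current));
    // Write a temp file, then rename, so the server never reads a partial file.
    $tmp = $htaccess . '.tmp';
    file_put_contents($tmp, ($rest === '' ? '' : $rest . "\n") . render_block($ips));
    rename($tmp, $htaccess);
}

// Constructed sample: documentation-range addresses plus two malformed lines.
$list = tempnam(sys_get_temp_dir(), 'ips');
file_put_contents($list, "203.0.113.7\n203.0.113.7\nnot-an-ip\n198.51.100.9; Allow from all\n192.0.2.10\n");
$target = tempnam(sys_get_temp_dir(), 'hta');
update_htaccess($target, load_blocklist($list, ['192.0.2.10'])); // admin address, never blocked
echo file_get_contents($target);
```

Directives outside the marked section are left untouched, so an existing `Order` or `Allow` rule elsewhere in the same .htaccess still needs to be checked by hand for conflicts.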