Hi, I have a device connected to the internet via a wi-fi hotspot from my Windows 10 machine. I want to block specific IP addresses from communicating with that device, but everything I have tried has failed. My router doesn't have a feature for this nor does the device so I have to configure this on the Win 10 PC. Custom rules/lists for Windows Defender and PeerBlocker had no effect. SimpleWall was promising but I couldn't get it to stop blocking other functions despite turning off block inbound/outbound connections for all) and making an anything allowed rule. SimpleWall seems to be blocking a TCP connection as the device keeps retrying without a response. Can anyone recommend a software for my purpose? Perhaps something that uses windows filtering platform as that at least seems to have an effect. Thanks!
Hi @Declivity Check NetLimiter: You can limit network bandwtich block conection for specific IP Colect nice log of network activity and see full status of usage etc. Piority conection And many other functions https://www.netlimiter.com/products/nl4 In options / firewall set from allow to ask And now each time if something new will try conect with your pc or go out will be asked for permision
for windows its very simple - use the HOSTS file https://en.wikipedia.org/wiki/Hosts_(file) Code: file: %SystemRoot%\System32\drivers\etc\hosts folder %SystemRoot%\System32\drivers\etc\ 0.0.0.0 123.456.78.90 ; unwanted ip redirected to zero
I also recommend this approach. Simple and effective. These redirects are applied before any DNS request is made, they are evaluated first by the OS. LATER EDIT: After reading with more attention the first post again, hosts file can be effective in blocking domain names, but if you want to block specific IP addresses or IP ranges, you can use Windows Firewall itself.
What ended up working was PrivateFirewall. I tried ZoneAlarm and Comodo but they didn't work out. I didn't try the other options but if I were to re-do it the hosts file seems like the best way. Thanks for the recommendations!
No. I'm afraid that that is the wrong example, sorry. You cannot block an IP-address, a single IP-address or a range via the HOSTS file !!! That is not how it works! At the moment I can't find a site that explains it. (this is not a prove (I know of course), but look for example at the MVPS HOSTS file: you will not find an item like that) I repeat: you cannot use the HOSTS file in that way: trying to block an IP-address
OK, here is the old Gorilla site (I'm very glad that the site is still up after so many years!). http://www.accs-net.com/hosts/ Go there to: http://www.accs-net.com/hosts/benefits_restrictions.html Quoting:
oh, yes, @FanJ 's right. here's an old thread on this issue. https://www.wilderssecurity.com/threads/can-i-block-a-specific-ip-using-the-host-files.293536/
sorry, but then all of the available HOSTS file spreaders and creators are idiots? examples Code: #Windows 10 0.0.0.0 134.170.30.202 0.0.0.0 137.116.81.24 0.0.0.0 157.56.106.189 0.0.0.0 184-86-53-99.deploy.static.akamaitechnologies.com 0.0.0.0 184.86.53.99 0.0.0.0 2.22.61.43 0.0.0.0 2.22.61.66 0.0.0.0 204.79.197.200 0.0.0.0 23.218.212.69 0.0.0.0 64.4.54.254 0.0.0.0 65.39.117.230 0.0.0.0 65.52.108.33 0.0.0.0 65.55.108.23 (i dont know if those ip are still valid, never used it) or Code: 0.0.0.0 telemetry.malwarebytes.com 0.0.0.0 54.201.247.56 0.0.0.0 52.89.169.33 0.0.0.0 54.213.128.84 most of the entries here are domain names.
No, I'm not saying they are idiots. Here is another forum thread: https://stackoverflow.com/questions/16855114/can-the-hosts-file-redirect-an-ip-address That is from 2013. If someone knows more recent postings/info then by all means.
I am. You cannot use DNS to change an IP address for another. HOSTS files are for redirecting hostnames to a specified IP.
thank you two. thats what i know, and HOSTS cannot handle (ip) ranges, only single domains. but i was not aware that it do not work for ips. but i should have worked because i redirected a game master server (original is gone) to another in the past. dnscache service is off.
I do wish it worked. There have been times where I would have liked for it to. Unfortunately IP to IP is just ignored.