Networking

How do I ... block IP addresses with Peer Guardian 2?

Network security doesn't end with the installation of a firewall or any automated security package. There are times when you'll need to block certain ranges of IP addresses. Jack Wallen explains how to use Peer Guardian 2 for this task.

Network security doesn't end with the installation of a firewall or any automated security package. There are times when you'll need to block certain ranges of IP addresses (or known hosts) based on a service and/or block specific IP addresses from gaining access to your network (or machine). Peer Guardian 2 makes this task simple in a Windows (currently 98/ME/2000/XP) environment. The application is open source, so you can download the source code, modify it, and even create your own branch of the software.

This little gem of a software package makes blocking IP addresses very simple. But in its simplicity, Peer Guardian 2 does not lose either functionality or robustness. I'll explain how to create lists of IP addresses to block in Peer Guardian 2, but first let's get the software installed and up and running.

This blog post is also available in PDF format in a TechRepublic download.

Getting and installing

As with most all Windows software, installation of Peer Guardian 2 is a snap. Simply download the OS-specific binary from the Phoenix Labs download site and double-click the installation file. The standard installation steps will take place and, once the application is installed, you will be asked to walk through some initial setup configurations.

The first part of the setup will ask what types of lists to install. There are six types of lists as well as an option for always allowing HTTP requests. The options are shown in Figure A.

Figure A

Don't worry if you select something wrong, you can always edit your lists manually.
The next phase in the setup is to configure updates. The setup system wants to know whether it is to update lists and/or software and how often these updates are to occur. Figure B illustrates the configuration options for automatic updates.

Figure B

Unless you plan on manually updating Peer Guardian 2, make sure you select to have it updated automatically along with the lists.
Once you have completed the updates section, you are finished with the configuration. After the configuration is complete, you will be greeted with a small window (Figure C) that shows the progress of the updates.

Figure C

Even if you've configured updates to occur automatically, you can check for them manually from the main window.

Once the updates are finished, click the Close button and you are ready to run Peer Guardian 2.

Fire it up

Go to your Start menu and look for the new entry for Peer Guardian 2. Within that menu you will find the entry to start system. When Peer Guardian 2 starts up, you will see the main window, shown in Figure D.

Figure D

Take a look at the number of blocked IP addresses: 774,193,650!
Now what we want to do is open up the List Manager. This is where blocked IP addresses are listed. From within the List Manager (Figure E) you can enable lists, edit lists, create lists, open lists, and remove lists.

Figure E

The lists shown are the default lists created when Peer Guardian 2 is initially set up.

Creating a new list

Click the Create List button. This will open a new window (Figure F) where the initial information for the list will be set up.

Figure F

This window sets up the type of list, the description, and the file name.
At first it seems a file has to exist in order to create the list. This is not so. When you click the Browse button in Peer Guardian 2, a Save As window will appear. Locate the folder where the file is to be stored and give the file a name. That's it. Once the new list is saved, the list editing tool will open (Figure G).

Figure G

Once your list gets large enough, you might have to use the Search function to locate a specific IP address.
Click the Add button and a new text area will appear. This first text area is really just for a description of the IP range. Here's an example: On an inside network there is a specific database server that houses all of the company's private Human Resource data. This data is off limits to a large range of employees (IP addresses 192.168.1.100 - 192.168.1.200). To block those IP addresses from gaining access to this particular machine, you could set up a range, as shown in Figure H.

Figure H

Once you enter the description, hit Enter to move to the starting IP address and then hit Enter again to move to the ending IP address.

If that is the only range that is necessary to block, click Save and the list will appear in the List Manager.

Temporarily allowing lists

Going back to the Employee example, let's say it is necessary to allow that range of employees access to the server for a short window of time. To do this, open up the List Manager, highlight the list containing the Employees range, and click Open List. Now highlight the entry containing the range of IP addresses to be allowed and right-click the entry. A drop-down list will appear, giving you four possible choices (Figure I).

Figure I

Unfortunately these options cannot be modified without going into the code (but since this is open source, it is possible).

From the drop-down list, select the option that best suits the situation and click Save. Depending on the system, there might be a brief stall on the machine as Peer Guardian 2 makes the necessary changes to allow the range of IP addresses. At this point a List Cache might be created, which will take a moment (again depending on the speed of the system).

Logs, history, and other features

Another nice feature of Peer Guardian 2 is the log file viewer. The log file actually keeps a running log that is retained by date. And until the history is cleared, all logs are retained. This is a great help when security audits are done.

From the Settings tab you can configure a few settings for Logs, History, and Notification. As you can see in Figure J, configuration is very straightforward.

Figure J

By changing the Log Allowed Connections to Archive and Remove, the Archive To option becomes available.
Click the Next button and the Settings tab will change to offer another group of straightforward configuration options (Figure K).

Figure K

The proxy setting is for when a proxy is needed to download updates.

Another nice Peer Guardian 2 touch is that with a single button on the main screen you can disable it. And with the same ease, Peer Guardian 2 can also be re-enabled. In addition, HTTP can be allowed or blocked with the click of a button.

Final thoughts

Peer Guardian 2 is an outstanding tool to add to your security arsenal. Not only is it good for network-wide security, it's great for single server (or even desktop) security. Peer Guardian 2 is simple to set up, but its power is not diminished by that simplicity.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

12 comments
tataghost
tataghost

As i see may be iam wrong that i choose certan ip and block it now , if certain ip hacking me now i want the block happen directly to this ip as it send so many trafiic to me how we can do this

Knightrider2009
Knightrider2009

I want to block all Microsoft IPs with PeerGuardian. Does anyone have a list of all Microsoft IPs? Thanks. :-D

VAbonat
VAbonat

What is the difference between PG2 and an well-known software firewall (like Outpost, Comodo etc.)? What PG2 does more that a soft firewall doesn't? Please, somebody who tested or uses PG2, let explain this in a few words. I really coudn't figure it out now. Thanks in advance.

letter_2_roy
letter_2_roy

Hi ! Dear sir, Yes, the both topics like " How do..I block IP addresses with Peer Guardian 2?"& " Quickly export outlook e-mail to excell" are really worthy reading and it will make us more stronger in the administration of Systems of any kind. In fact, I have loved it to read and remember. With thanks & regards, swapan.

zdog187
zdog187

I've been using this for several years and love it. I've also added a add block list on my router using tomato

BALTHOR
BALTHOR

I have tried to use Restricted Zone in Tools>Internet Options>Security>Restricted Zones>Sites--- but it does not work.I suspect that when the link address is added to the list that the link would be blocked but it isn't.

Mark W. Kaelin
Mark W. Kaelin

How many IP addresses do you have to block? What tool do you use to accomplish that network security task?

lhjr1947
lhjr1947

This program is so easy to use a CAVEMAN could do it. I think you are over complicating, in your own mind, as to how to implement it.

mstephens
mstephens

you can block as many IP Addresses as you want to put in. There are a few lists that are built into PG2, but you can also add custom lists, google to find more lists.

tataghost
tataghost

ok listen cave man i want it to happen automatically , like iam trying to hack ur server now iam sending many traffic , if i send more than 10 requests i want my ip address blocked directly i hope u get what i want

tech10171968
tech10171968

I think I know what he's attempting to ask, though it probably didn't come out right. I think Balthor's really wondering why the IPs being blocked by PeerGuardian can't be blocked by using the "Restricted Zones" settings under Internet Options in Windows. To answer your question, Balthor, the reason it doesn't work is that you're comparing apples to oranges. The Restricted Zones settings only apply to apps on your machine which access the web; I'm not so sure it has anything at all to do with restricting who's pinging your connection from the outside world. Security settings are applied only to files in your Temporary Internet Files folder. These settings use the security level of the Web site from which the files came. All other files are assumed to be safe. From my experience none of these settings affect things such as, for example, your P2P apps. I may be wrong but that's how I understand it.

Editor's Picks