I am running a Windows 2000 web server with IIS 5. We have to allow anonymous access. I notice in the log file that a lot of cmd.exe attempts are being made from different ip addresses in a particular range. Let’s say they all start with 201 and every address resolves back to a provider in which I know we do not have valid users, say South Pole Network Information Center. WhoIs shows their NetRange as 201.0.0.0 – 201.255.255.255 ( it is not really 201 ). How can I block that NetRange in IIS 5. I have gone into the properties of the website and under Directory Security chosen IP address and domain restriction. When I go to add a Group of Computers to deny access to, it asks for Network ID and Subnet Mask. What network ID and subnet mask should I used to block the NetRange described above? The CIDR is 201.0.0.0/8 and I still don’t understand CIDR and supernetting.
