<![CDATA[
<p><a href="https://xinet.kr/?p=3423" target="_top" class="ke-link">https://xinet.kr/?p=3423</a> 이분의 글을 보고 작성 하다 안되서 내가 만듬 ㅋㅋㅋ; ㅎㅎ ㅠㅠ..</p><div class="figure-file" data-ke-type="file" data-file-src="https://t1.daumcdn.net/cafeattach/1HRzv/af65ac8accee0f04bb89b36cb3699d7603b5699a?download" data-file-name="ss.txt" data-file-size="4555" data-mimetype="text/plain" data-ke-align="alignCenter"><a href="javascript:checkVirus('grpid%3D1HRzv%26fldid%3DBLQD%26dataid%3D88%26fileid%3D2%26regdt%3D20221108181426&url=https%3A%2F%2Ft1.daumcdn.net%2Fcafeattach%2F1HRzv%2Faf65ac8accee0f04bb89b36cb3699d7603b5699a')"><div class="image"></div><div class="desc"><div class="filename"><span class="name">ss</span><span class="type">.txt</span></div><div class="size">4.45KB</div></div></a></div><p><a href="https://github.com/DigitalRuby/IPBan" target="_blank" class="ke-link">https://github.com/DigitalRuby/IPBan</a><br><a href="https://github.com/DigitalRuby/IPBan/releases" target="_blank" class="ke-link">https://github.com/DigitalRuby/IPBan/releases</a> 여기서 다운로드 하면 된다.  IPBan-Windows-x64_*_*_*.zip 이런 식의 파일</p><p> </p><p>REM "윈도우의 기본 설정을 해야 합니다"</p><p>REM "들어오는 NTLM 트래픽 모두거부 <a href="https://docs.microsoft.com/ko-kr/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic" target="_top" class="ke-link">https://docs.microsoft.com/ko-kr/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic</a> "<br>reg add HKEY_LOCAL_MACHINE\System\CurrentControlSet\control\LSA\MSV1_0 /v RestrictReceivingNTLMTraffic /t REG_DWORD /d 2 /f</p><p> </p><p>REM "TLS 1.2 이상으로 하기 이걸 필수적으로 해야 하는 것 같아요 아래는 파워쉘.. 저의 경우 안되서.. 아래의 레지스트로 등록 했어요"<br>[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 <br><br>REM <a href="https://xinet.kr/?p=3423" target="_blank" class="ke-link">https://xinet.kr/?p=3423</a><br>REM <a href="https://devblogs.microsoft.com/powershell/powershell-gallery-tls-support/" target="_blank" class="ke-link">https://devblogs.microsoft.com/powershell/powershell-gallery-tls-support/</a><br>REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319" /v "SchUseStrongCrypto" /t REG_DWORD /d 1 /f <br><br>REM TLS1.3 등록 하기 서버 클라우드 모두<br>REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client" /v "DisabledByDefault" /t REG_DWORD /d 0 /f <br>REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client" /v "Enabled" /t REG_DWORD /d 1 /f <br>REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server" /v "DisabledByDefault" /t REG_DWORD /d 0 /f <br>REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server" /v "Enabled" /t REG_DWORD /d 1 /f <br>REM "되돌리기 reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3" /f  " <br><br>REM <a href="https://learn.microsoft.com/ko-kr/dotnet/framework/network-programming/tls" target="_blank" class="ke-link">https://learn.microsoft.com/ko-kr/dotnet/framework/network-programming/tls</a><br>REM <a href="https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client" target="_blank" class="ke-link">https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client</a><br>REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" /v "SystemDefaultTlsVersions" /t REG_DWORD /d 1 /f <br>REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" /v "SchUseStrongCrypto" /t REG_DWORD /d 1 /f <br>REM TLS 1.2 설정 끝.</p><p> </p><hr data-ke-style="style3"><p> </p><p> </p><p><br>echo "인터넷에서 다운로드 한다 그럼 다운로드 폴더에 파일이 들어 간다고 가정 하고" <br>echo md 폴더 만들기 그리고 cd 그리고 이동하기 <br>md "%USERPROFILE%\Downloads\IPBan" <br>cd "%USERPROFILE%\Downloads\IPBan" <br><br>echo "파일 찾아서 풀어 주기" <br>for /f "delims=" %a in ('dir /a-d /b /o /s "%USERPROFILE%\Downloads\IPBan-Windows-x64*.zip"') do (tar -zxvf "%a" -C ".")  <br><br>echo "압축해제한 파일을 프로그램 폴더로 이동 시키기" <br>xcopy "%USERPROFILE%\Downloads\IPBan" "%ProgramFiles%\IPBan\" /e /h /k <br><br>echo "감사 권한을 주기 실패 성공 모두" <br>auditpol.exe /set /category:"{69979849-797A-11D9-BED3-505054503030}" /success:enable /failure:enable <br>auditpol.exe /set /category:"{69979850-797A-11D9-BED3-505054503030}" /success:enable /failure:enable <br><br>echo "서비스 등록 해주기" <br>sc.exe create IPBAN type= own start= auto binPath= "%ProgramFiles%\IPBan\DigitalRuby.IPBan.exe" DisplayName= "IPBan Service" <br><br>echo "서비스 설명 적어 주기 이런 이런 프로그램 입니다 하고." <br>sc.exe description IPBAN "Automatically builds firewall rules for abusive login attempts: <a href="https://github.com/DigitalRuby/IPBan" target="_blank" class="ke-link">https://github.com/DigitalRuby/IPBan</a>" <br><br>echo "이건 나도 모름 ㅎㅎ" <br>sc.exe failure IPBAN reset= 9999 actions= "restart/60000/restart/60000/restart/60000" <br><br>echo "서비스 실행 하기 에러 안나면 첫번째 실행은 성공 한 것입니다." <br>sc.exe start IPBAN</p><p> </p><p><span style="color: #d2d2d2; background-color: #1f1f1f;" data-ke-size="size16">sc config IPBAN start=auto</span> <br><br>echo "일단 서비스 중단 하기 편집 해야 하니" <br>net stop IPBAN <br><br>echo "편집 하기 전에 저장 해주기 나중에 고장 나면 복구 해야 하니" <br>cd "%ProgramFiles%\IPBan" && tar -cvzf "%ProgramFiles%\IPBan\ipban-config.zip" "ipban.config" <br>notepad "%ProgramFiles%\IPBan\ipban.config"</p><p> </p><p>REM <a href="https://cafe.daum.net/candan/GGFN/475" target="_blank" class="ke-link">https://cafe.daum.net/candan/GGFN/475</a></p><p>REM 날짜 시간 초단위 까지 압축 하기 tar </p><p>powershell -Command "& { $datetime = (Get-Date).ToString('yyyyMMddHHmmss'); Compress-Archive -Path '%ProgramFiles%\IPBan\ipban.config' -DestinationPath ('%ProgramFiles%\IPBan\ipbanconfig' + $datetime + '.zip'); }"</p><p><br>echo 실행해 본다 되는지 <br>net start IPBAN<br><br><br></p><hr data-ke-style="style3"><p><span data-ke-size="size26">특별 부분</span></p><p><a href="https://kin.naver.com/qna/detail.nhn?d1Id=1&dirId=104&docId=432288858" target="_top" class="ke-link">https://kin.naver.com/qna/detail.nhn?d1Id=1&dirId=104&docId=432288858</a>   </p><p>전승환님이께서 자동 다운로드 만들어 주심 그것도 한줄로 ㅋㅋㅋㅋ</p><p>대박이요.</p><p> </p><p>md "%USERPROFILE%\Downloads\IPBan"<br>cd "%USERPROFILE%\Downloads\IPBan"</p><div class="figure-html" data-ke-type="html" data-source="$target = (Invoke-WebRequest -Uri 'https://github.com/DigitalRuby/IPBan/releases').Links.Href | findstr "tree";$targetStr = "";foreach($Line in $target) {$targetStr = $Line;break;}foreach($Line in $targetStr.Split('/')) {$targetStr1 = $Line;}$targetStr2 = $targetStr1 -replace "\.","_";Invoke-WebRequest ('https://github.com/DigitalRuby/IPBan/releases/download/'+$targetStr1+'/IPBan-Windows-x64_'+ $targetStr2 + '.zip') -OutFile ('%USERPROFILE%\Downloads\IPBan\IPBan-Windows-x64.zip');"><div data-ke-class="article">$target = (Invoke-WebRequest -Uri 'https://github.com/DigitalRuby/IPBan/releases').Links.Href | findstr "tree";$targetStr = "";foreach($Line in $target) {$targetStr = $Line;break;}foreach($Line in $targetStr.Split('/')) {$targetStr1 = $Line;}$targetStr2 = $targetStr1 -replace "\.","_";Invoke-WebRequest ('https://github.com/DigitalRuby/IPBan/releases/download/'+$targetStr1+'/IPBan-Windows-x64_'+ $targetStr2 + '.zip') -OutFile ('%USERPROFILE%\Downloads\IPBan\IPBan-Windows-x64.zip');</div></div><p>아쉽게 파워쉘로 하세요 ㅎㅎ cmd랑 파워쉘이랑 켜야 하지만 이게 한계네요</p><hr data-ke-style="style3"><p>echo 들어오는 NTLM 트래픽 모두거부 <a href="https://docs.microsoft.com/ko-kr/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic" target="_top" class="ke-link">https://docs.microsoft.com/ko-kr/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic</a> <br>reg add HKEY_LOCAL_MACHINE\System\CurrentControlSet\control\LSA\MSV1_0 /v RestrictReceivingNTLMTraffic /t REG_DWORD /d 2 /f <br><br>echo 위의 내용 설명 안하고 그냥 명령어로 했을때</p><p>md "%USERPROFILE%\Downloads\IPBan" <br>cd "%USERPROFILE%\Downloads\IPBan" <br>for /f "delims=" %a in ('dir /a-d /b /o /s "%USERPROFILE%\Downloads\IPBan-Windows-x64*.zip"') do (tar -zxvf "%a" -C ".")  <br>xcopy "%USERPROFILE%\Downloads\IPBan" "%ProgramFiles%\IPBan\" /e /h /k <br>auditpol.exe /set /category:"{69979849-797A-11D9-BED3-505054503030}" /success:enable /failure:enable <br>auditpol.exe /set /category:"{69979850-797A-11D9-BED3-505054503030}" /success:enable /failure:enable <br>sc.exe create IPBAN type= own start= auto binPath= "%ProgramFiles%\IPBan\DigitalRuby.IPBan.exe" DisplayName= "IPBan Service" <br>sc.exe description IPBAN "Automatically builds firewall rules for abusive login attempts: <a href="https://github.com/DigitalRuby/IPBan" target="_blank" class="ke-link">https://github.com/DigitalRuby/IPBan</a>" <br>sc.exe failure IPBAN reset= 9999 actions= "restart/60000/restart/60000/restart/60000" <br>sc.exe start IPBAN <br>net stop IPBAN <br>cd "%ProgramFiles%\IPBan" && tar -cvzf "%ProgramFiles%\IPBan\ipban-config.zip" "ipban.config" <br>notepad "%ProgramFiles%\IPBan\ipban.config"</p><p> </p><p>net stop IPBAN </p><p>net start IPBAN</p><hr data-ke-style="style3"><p>echo "<a href="https://memonote.tistory.com/2" target="_blank" class="ke-link">https://memonote.tistory.com/2</a> " <br><br>echo 추가 정보 "<a href="https://github.com/DigitalRuby/IPBan/wiki/Configuration" target="_blank" class="ke-link">https://github.com/DigitalRuby/IPBan/wiki/Configuration</a> " <br>echo 경로 레벨 Trace 추적 섬세함 <br>echo "<a href="https://www.uname.in/176" target="_blank" class="ke-link">https://www.uname.in/176</a> <a href="https://mdj1234.tistory.com/63" target="_blank" class="ke-link">https://mdj1234.tistory.com/63</a> " <br>echo FailedLoginLogLevel <br>Trace, Debug, Info, Warn, Error, Critical <br><FailedLoginLogLevel>Trace</FailedLoginLogLevel> <br># <br># <br>echo FailedLoginRegex 실패한 로그인 정규식 <br><Source>IPBanCustom</Source> <br><FailedLoginThreshold>1</FailedLoginThreshold> <br># <br># <br>echo 로그인 시도 차단 "<a href="https://support.forpsi.hu/kb/a612/windows-remote-desktop-protocol-rdp-bejelentkezesi-hiba-elharitas.aspx" target="_blank" class="ke-link">https://support.forpsi.hu/kb/a612/windows-remote-desktop-protocol-rdp-bejelentkezesi-hiba-elharitas.aspx</a> " <br>echo 이게 중요 한것 같음 결론. RDP 차단 1회 부터 차단 틀릴 경우 6으로 하면 6번 틀릴 경우 차단 <br>* WINDOWS ONLY *  <br><FailedLoginThreshold>1</FailedLoginThreshold> <br># <br># <br>echo ProcessInternalIPAddresses 내부 아이피 처리 true <br>    <!-- Whether to process internal ip addresses --> <br>    <add key="ProcessInternalIPAddresses" value="true"/> <br># <br># <br>수정해야 할 부분 정리 <br>로그인 5회 실패시 등록 <br><add key="FailedLoginAttemptsBeforeBan" value="5"/> <br># <br># <br>ipban 시간 2일 <br><add key="BanTime" value="02:00:00:00"/> <br><br>차단후 제거 기준일 2일 <br><add key="ExpireTime" value="02:00:00:00"/></p><hr data-ke-style="style3"><p><b><span data-ke-size="size26">여기서 부터 보세요</span></b></p><p> </p><p><!-- Optional, set a log level for failed logins - must match exactly (case sensitive) one of the following: <br><FailedLoginLogLevel>Warn</FailedLoginLogLevel> <br><FailedLoginLogLevel>Trace</FailedLoginLogLevel> <br><br>WINDOWS ONLY <br><LogLevel>Warn</LogLevel> <br><LogLevel>Trace</LogLevel> <br><br><!-- Number of failed logins before banning the ip address --> <br><add key="FailedLoginAttemptsBeforeBan" value="5"/> <br><add key="FailedLoginAttemptsBeforeBan" value="2"/> <br><br><add key="BanTime" value="01:00:00:00"/> <br><add key="BanTime" value="02:00:00:00"/> <br><br><add key="ExpireTime" value="01:00:00:00"/> <br><add key="ExpireTime" value="02:00:00:00"/></p><div class="figure-file" data-ke-type="file" data-file-src="https://t1.daumcdn.net/cafeattach/1HRzv/48c1443ef7600fb80c7047030fe4fc9848cbbc7d?download" data-file-name="ipban.zip" data-file-size="9780" data-mimetype="application/x-zip-compressed" data-ke-align="alignCenter"><a href="javascript:checkVirus('grpid%3D1HRzv%26fldid%3DBLQD%26dataid%3D88%26fileid%3D4%26regdt%3D20221108181426&url=https%3A%2F%2Ft1.daumcdn.net%2Fcafeattach%2F1HRzv%2F48c1443ef7600fb80c7047030fe4fc9848cbbc7d')"><div class="image"></div><div class="desc"><div class="filename"><span class="name">ipban</span><span class="type">.zip</span></div><div class="size">9.55KB</div></div></a></div><div class="figure-file" data-ke-type="file" data-file-src="https://t1.daumcdn.net/cafeattach/1HRzv/642c556cf6feb02fbf523346f9e88341e83db975?download" data-file-name="ipbanconfig20230327010650.zip" data-file-size="9755" data-mimetype="application/x-zip-compressed" data-ke-align="alignCenter"><a href="javascript:checkVirus('grpid%3D1HRzv%26fldid%3DBLQD%26dataid%3D88%26fileid%3D5%26regdt%3D20221108181426&url=https%3A%2F%2Ft1.daumcdn.net%2Fcafeattach%2F1HRzv%2F642c556cf6feb02fbf523346f9e88341e83db975')"><div class="image"></div><div class="desc"><div class="filename"><span class="name">ipbanconfig20230327010650</span><span class="type">.zip</span></div><div class="size">9.53KB</div></div></a></div><p>처음으로 성공한 것</p><p>wf.msc </p><p>윈도우키 + R</p><p>IPBan_Block_0 이런식으로 등록 되어 있으면 성공 한거네요 만약 없으면 실패한거고요 ㅠ </p><p> </p><p>두번째 파일은 dns 허용한거에요 9.9.9.9 로 말이죠.</p><p> </p><hr data-ke-style="style3"><p>REM 자신의 DNS를 입력 하면 된다 <br><add key="Whitelist" value=""/> <br><add key="Whitelist" value="9.9.9.9"/> <br><br>REM 이것은 와일드 카드 즉 * 이런 형태를 추가 할수 있는 것 같다 <br><add key="WhitelistRegex" value=""/></p><p> </p><p style="text-align: start;">REM <a href="https://cafe.daum.net/candan/GGFN/475" target="_top" class="ke-link">https://cafe.daum.net/candan/GGFN/475</a></p><p style="text-align: start;">REM 날짜 시간 초단위 까지 압축 하기 tar </p><p style="text-align: start;">powershell -Command "& { $datetime = (Get-Date).ToString('yyyyMMddHHmmss'); Compress-Archive -Path '%ProgramFiles%\IPBan\ipban.config' -DestinationPath ('%ProgramFiles%\IPBan\ipbanconfig' + $datetime + '.zip'); }"</p><p> </p><hr data-ke-style="style3"><p><br><br>cd "%ProgramFiles%\IPBan" && tar -cvzf "%ProgramFiles%\IPBan\ipban-config2.zip" "ipban.config" <br>다시 다른 이름으로 저장 하기  <br><br>echo 실행해 본다 되는지 <br>net start IPBAN<br><br>이걸 이렇게 해야 하는 이유는 지연 시작 하면 한나절 되어서 켜짐 -_-;; <br>sc config IPBAN start=auto <br><br>로그 보는 방법 여기에 fail 이라고 막 찍히고 이상한 ip 찍히기 시작하면 의심 해봐야 하는 것. <br>notepad "%ProgramFiles%\IPBan\logfile.txt" <br><br>cd .. <br>sc.exe stop IPBAN <br>sc.exe delete IPBAN <br>rmdir "%ProgramFiles%\IPBan" /s <br>만약 서비스가 마음에 안들면 삭제 하기</p><p> </p><p> </p><p>기타 번역은</p><p><a href="https://cafe.daum.net/candan/GGFN/382" target="_blank" class="ke-link">https://cafe.daum.net/candan/GGFN/382</a>   </p><p> </p><p> </p><p>기타 권한 주기</p><p>echo 권한 제한 하기 IPBan 켜는 문제. 네트워크 S-1-5-2</p><p>REM 권한을 주어도 수정 할수 있다. 권한을 풀 필요가 없다</p><p> </p><hr data-ke-style="style3"><p>REM "PowerShell 파워쉘 해킹 시도?" <br>REM "%ProgramFiles%\IPBan\SAM 아쉽게 이 경로는 안된다 %ProgramFiles%\IPBan 이렇게 해야 한다고"  <br>icacls "%ProgramFiles%\IPBan"  <br>takeown /F "%ProgramFiles%\IPBan" /A /R /D Y <br>icacls "%ProgramFiles%\IPBan" /grant Administrators:F /t <br>icacls "%ProgramFiles%\IPBan" /save d:\IPBan.txt /t <br>REM icacls "%ProgramFiles%\IPBan" /setintegritylevel H /t <br>icacls "%ProgramFiles%\IPBan" /deny "NETWORK SERVICE":(OI)(CI)F "GUEST":(OI)(CI)F "IIS_IUSRS":(OI)(CI)F "REMOTE INTERACTIVE LOGON":(OI)(CI)F "*S-1-5-32-546:(OI)(CI)F" "*S-1-0-0:(OI)(CI)F" "*S-1-5-7:(OI)(CI)F" "*S-1-5-13:(OI)(CI)F" /t /inheritance:e <br>icacls "%ProgramFiles%\IPBan" /setowner "NT SERVICE\TrustedInstaller" /t <br>icacls "%ProgramFiles%\IPBan" /grant:r Administrators:RX /t <br>icacls "%ProgramFiles%\IPBan" <br><br>REM icacls "%ProgramFiles%\IPBan" /deny "*S-1-5-13":F" <br>REM 터미널 사용자 서버 "*S-1-5-13":F  <br><br>REM "복구 할때" <br>REM icacls "%ProgramFiles%\IPBan" /reset /t <br>REM icacls /restore "%windir%\System32" d:\IPBan.txt</p><hr data-ke-style="style3"><p><br><br><s>takeown /F "%ProgramFiles%\IPBan" /A /r </s><br><s>icacls "%ProgramFiles%\IPBan" /grant Administrators:F /t </s><br><s>icacls "%ProgramFiles%\IPBan" /remove "*S-1-5-2" /t </s><br><s>icacls "%ProgramFiles%\IPBan" /setowner "NT SERVICE\TrustedInstaller" /t </s><br><s>icacls "%ProgramFiles%\IPBan" /grant:r Administrators:RX /t </s><br><s>icacls "%ProgramFiles%\IPBan" </s></p><p> </p><p><span data-ke-size="size16">echo 수정 해야 할때 </span></p><p style="text-align: start;">takeown /F "%ProgramFiles%\nlog.config" /A</p><p style="text-align: start;">icacls "%ProgramFiles%\IPBan\nlog.config" /grant Administrators:F</p><p style="text-align: start;"> </p><p style="text-align: start;">takeown /F "%ProgramFiles%\IPBan\ipban.config" /A</p><p style="text-align: start;">icacls "%ProgramFiles%\IPBan\ipban.config" /grant Administrators:F</p><p style="text-align: start;"> </p><p style="text-align: start;"> </p><p style="text-align: start;">echo 다시 권한 높이기</p><p style="text-align: start;">takeown /F "%ProgramFiles%\nlog.config" /A</p><p style="text-align: start;">icacls "%ProgramFiles%\IPBan\nlog.config" /setowner "NT SERVICE\TrustedInstaller" /t</p><p style="text-align: start;">icacls "%ProgramFiles%\IPBan\nlog.config" /grant Administrators:RX /t</p><p style="text-align: start;"> </p><p style="text-align: start;">takeown /F "%ProgramFiles%\IPBan\ipban.config" /A</p><p style="text-align: start;">icacls "%ProgramFiles%\IPBan\ipban.config" /setowner "NT SERVICE\TrustedInstaller" /t</p><p style="text-align: start;">icacls "%ProgramFiles%\IPBan\ipban.config" /grant Administrators:RX /t</p><p style="text-align: start;"> </p><p style="text-align: start;"> </p><p style="text-align: start;">net stop IPBAN  <br>net start IPBAN</p><p> </p><p> </p><p><span data-ke-size="size16">cd "%ProgramFiles%\IPBan" && tar -cvzf "%ProgramFiles%\IPBan\ipban-config.zip" "ipban.config"</span><br><span data-ke-size="size16">notepad "%ProgramFiles%\IPBan\ipban.config"</span></p><p> </p><p> </p><p> </p><p>echo 권한중 경우 삭제 방법</p><p>sc.exe stop IPBAN<br>sc.exe delete IPBAN</p><p>takeown /F "%ProgramFiles%\IPBan" /A /r<br>icacls "%ProgramFiles%\IPBan" /grant Administrators:F /t</p><p><span data-ke-size="size16">rd /s /q "%ProgramFiles%\IPBan"</span></p><p> </p><p> </p><p>echo 권한 처음으로 돌리기 <br>takeown /F "%ProgramFiles%\IPBan" /A /r <br>icacls "%ProgramFiles%\IPBan" /t /q /c /t /reset <br>icacls "%ProgramFiles%\IPBan" </p><p> </p><p> </p><p> </p><hr data-ke-style="style3"><p><a href="https://youtu.be/4BEamJCphKM" target="_blank" class="ke-link">https://youtu.be/4BEamJCphKM</a></p><div class="figure-video" data-ke-type="video" data-video-url="https://www.youtube.com/watch?v=4BEamJCphKM" data-video-host="youtube" data-video-play-service="daum_cafe" data-video-width="640" data-video-height="480" data-ke-style="alignCenter" data-video-thumbnail="https://scrap.kakaocdn.net/dn/burwyB/hyQvgK7FDw/lKsilqYeYkUy07QRUr3Lg1/img.jpg?width=640&height=480&face=0_0_640_480" data-ke-mobile-mobileStyle="widthContent" data-video-origin-width="640" data-video-origin-height="480"><iframe src="https://www.youtube.com/embed/4BEamJCphKM" width="640" height="480" frameborder="0" scrolling="no" allowfullscreen=""></iframe><div class="figcaption"></div></div><hr data-ke-style="style3"><p>Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational <br>This group will block RRAS login failures to Windows <br>SVN failed login attempts on Windows <br>Override failed login threshold or leave 0 for default <br>Custom log entries, Windows <br>This group will block custom ipban login failures on Windows</p><hr data-ke-style="style3"><p> </p><p> </p><p>FailedLoginRegex  프로만 된다? <br><PlatformRegex>Linux</PlatformRegex> <br><br><PlatformRegex>Windows</PlatformRegex> <br>Windows 으로 변경 <br><br><FailedLoginThreshold>1</FailedLoginThreshold> <br><br>Smarter mail failed logins, Windows <br><FailedLoginThreshold>1</FailedLoginThreshold> <br><br><br>Setup expressions to block for Windows event viewer. <br><FailedLoginThreshold>1</FailedLoginThreshold> <br><br><br>This group will block OpenSSH login failures <br><FailedLoginThreshold>1</FailedLoginThreshold> <br><br><br>Smarter mail failed logins, Windows <br><FailedLoginThreshold>1</FailedLoginThreshold> <br>Linux and Windows <br><FailedLoginThreshold>1</FailedLoginThreshold> <br><br>Custom log entries, Windows <br><FailedLoginThreshold>1</FailedLoginThreshold> <br><br>Exchange logins, Windows <br><FailedLoginThreshold>1</FailedLoginThreshold> <br><br>Override failed login threshold or leave 0 for default <br><FailedLoginThreshold>1</FailedLoginThreshold></p><div class="figure-file" data-ke-type="file" data-file-src="https://t1.daumcdn.net/cafeattach/1HRzv/4ca39a826d03e7e685f3f9375678f4224fd195aa?download" data-file-name="ipban-config2.zip" data-file-size="9532" data-mimetype="application/x-zip-compressed" data-ke-align="alignCenter"><a href="javascript:checkVirus('grpid%3D1HRzv%26fldid%3DBLQD%26dataid%3D88%26fileid%3D3%26regdt%3D20221108181426&url=https%3A%2F%2Ft1.daumcdn.net%2Fcafeattach%2F1HRzv%2F4ca39a826d03e7e685f3f9375678f4224fd195aa')"><div class="image"></div><div class="desc"><div class="filename"><span class="name">ipban-config2</span><span class="type">.zip</span></div><div class="size">9.31KB</div></div></a></div><p>1.8.0 버전</p>
<!-- -->
]]>
카페 게시글
보안2off
IPBan 윈도우 RDP 차단 설치 명령어로 하기
동우
추천 0
조회 77
22.11.08 18:14
댓글 0
다음검색
