Hi , can some describe how one would do this in a windows 200 r2 setup: Identify and block malicious HTTP traffic with IPtables http://blog.esmnetworks.com/tag/w00tw00t-t-blackhats-romanian-anti-sec/

Hi , Thank you for the post. Windows cannot support the function "add a rule for each IP with the DROP target in the bad_traffic chain, if it is not already in the chain". I suggest you could ignore this traffic and keep your windows system with latest updates. On the other hand, you could block the IP address via your firewall device or deployment IDS/IPS solutions. http://www.securityweek.com/hacked-mit-server-used-stage-attacks-scan-vulnerabilities RegardsRick Tan TechNet Community Support

Hi , Thank you for the post. Windows cannot support the function "add a rule for each IP with the DROP target in the bad_traffic chain, if it is not already in the chain". I suggest you could ignore this traffic and keep your windows system with latest updates. On the other hand, you could block the IP address via your firewall device or deployment IDS/IPS solutions. http://www.securityweek.com/hacked-mit-server-used-stage-attacks-scan-vulnerabilities RegardsRick Tan TechNet Community Support