forked from EvanAnderson/ts_block
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathts_block.adm
56 lines (48 loc) · 2.72 KB
/
ts_block.adm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
CLASS MACHINE
CATEGORY "Wellbury LLC"
CATEGORY "ts_block"
KEYNAME "Software\Policies\Wellbury LLC\ts_block"
POLICY "Block attempts"
PART "Block attempts threshold" NUMERIC REQUIRED SPIN 1
VALUENAME "BlockAttempts"
DEFAULT 5
MIN 2
END PART ; "Block attempts threshold"
EXPLAIN "The number of sequential failed logon attempts (with accounts that are not considered 'block immediately' accounts) that will trigger a block."
END POLICY
POLICY "Block duration"
PART "Block duration (seconds)" NUMERIC REQUIRED SPIN 1
VALUENAME "BlockDuration"
DEFAULT 300
MIN 1
END PART ; "Block duration"
EXPLAIN "The duration, in seconds, of a block (either because of reaching the BlockAttempts threshhold or because of a 'block immediately')."
END POLICY
POLICY "Block timeout"
PART "Block timeout (seconds)" NUMERIC REQUIRED SPIN 1
VALUENAME "BlockTimeout"
DEFAULT 120
MIN 1
END PART ; "Block timeout"
EXPLAIN "The duration, in seconds, that must elapse between failed logon attempts to reset the count of failed logon attempts for a given IP address."
END POLICY
POLICY "Black-hole IP address"
PART "Black-hole IP address" EDITTEXT REQUIRED
VALUENAME "BlackholeIP"
END PART ; "Block timeout"
EXPLAIN "The IP address used for the black-hole route (for Windows Server 2003, or if specified as the BlockStyle. If not specified, the hardcoded value of 0.0.0.0 will be used (remove this to switch back to the default algorithm of selecting the IP address of a network interface with no default gateway specified will be used. This setting is not used in Windows Server 2008 and later versions of Windows UNLESS the BlockStyle is also set."
END POLICY
POLICY "Block Style"
PART "Block Style" NUMERIC REQUIRED
VALUENAME "BlockStyle"
END PART
EXPLAIN "This setting allows you to manually choose to use black-hole routing on Windows Server 2008 and above, rather than the Windows Firewall (which must be enabled if you want to use it.) Set this value to 1 to use blackhole routing, or 2 to use the Windows Firewall (or simply leave it unset to use the routing method on Windows Server 2003 and the firewall method on Windows Server 2008 and above."
END POLICY
POLICY "Whitelist"
PART "Whitelist" EDITTEXT REQUIRED
VALUENAME "Whitelist"
END PART
EXPLAIN "This setting allows you to specify a space-separated list of IPs or network prefixes which will never be blocked. For instance, the value '1.2.3.4 192.168.3. 10.' will never block requests from IP 1.2.3.4, or and IPs where the first digits match 192.168.3., or any IPs that start with 10."
END POLICY
END CATEGORY ; "ts_block"
END CATEGORY ; "Wellbury LLC"