IP address black hole on a unifi USG router
Recently I have had someone trying to brute force a login onto my NAS box here and they were constantly using the same IP address. So I decided to research how to stop a specific IP address from connecting to my network from the internet. I have a USG Pro4 router which is an excellent device if you are prepared to put in the time to learn the intricacies of how it works.
To black hole an address
Navigate to Settings/Routing & Firewall and click on create a new rule
Use the settings below. Note that you will need to "CREATE IPV4 ADDRESS GROUP". I called mine "Black hole" to make it obvious what it is for.
Once this is done click Save. What this does is drop all incoming packets from any IP address defined in the "Black hole" group.
To black hole an IP address simply navigate to Settings/Routing & Firewall/Groups and select Edit
Add the IP address and click Save. That IP address will no longer be able to connect to your network. my list is below
Not fond of black holes Julianne? This is here so that I can remember how to stop this next time it happens. You never know it might just help someone else too :)
ReplyDeleteYou almost certainly have been. It comes down to reporting on your router. Most likely it doesn't so you will not be able to tell. It is what it is. I have the right hardware and the ability to configure and check who is attaching to my systems. Some enterprising company can probably make money with hardware software to detect and stop this kind of thing
ReplyDeleteAs long as you update your software and Windows regularly you should be fine. Having said that there are no guarantees in life
Delete