Syskit Monitor
Try it for FreeContact UsProduct Site
  • Syskit Monitor
  • Product Updates
    • Syskit Monitor 9.1.0 - Release Note
    • Syskit Monitor 9 – The monster has awoken!
    • Syskit Monitor 8.4.0 - Release Note
    • Syskit 2012 R2 8.3.0 - Release Note
    • Syskit 2012 R2 8.2.0 Release Note
    • Syskit 2016 R2 8.0.1 - Release Note
    • Syskit 2016 R2 – Monitor and script all the things!
  • Requirements
    • System Requirements
    • User Permission Requirements
    • Pre Installation Requirements
  • Installation and Configuration
    • Install Wizard
      • Install Syskit Monitor
      • Install Syskit Monitor Data Collector
    • Configuration Wizard
      • Configure Syskit Monitor
      • SQL Permissions
        • Create a SQL Server Login
        • Create a SQL Server Database
        • Create a Service User Login Permission
        • Connect an Existing Database
    • Upgrade to the Latest Version
    • Uninstall Wizard
  • Editions
    • Editions
  • Activation
    • Activation Privacy Statement
    • Online and Offline Activation
    • Activation FAQ
  • Get to Know Syskit Monitor
    • Quick Start Guide
    • Administration
      • Servers and Groups
      • Monitoring Templates
      • PowerShell Scripts
    • Backstage Screen
      • Manage Data Gathering
      • Help Screen
      • Configuration
        • Configure
        • Options
      • Syskit Monitor Web App
    • Dashboards
      • Sessions Dashboard
      • Performance Dashboard
    • Reports
      • User Reports
      • Application Reports
      • Performance Reports
        • System Overview
        • Computer Performance
        • Application Performance
        • User Performance
      • Gateway Reports
      • License Reports
      • Event Log Reports
      • Inventory Reports
        • Hardware and Software
        • Powershell Reports
        • Compare Wizard
      • Custom Reports
  • Common Tasks with Syskit Monitor
    • Monitoring Windows Server and Application Performance
    • Monitoring and Restarting Stopped Windows Services
    • Real Time Alerting
    • Monitoring User Activities and Application Usage
    • Monitoring RD Gateway Connections
    • File System Auditing
    • Malicious IP Blocking
    • Computer Inventory
  • How To
    • Custom Reports
      • Create Custom Report
      • Create SQL Custom Report
      • Create an Alert
    • Users
      • Add Users Manually
      • Add Users From Active Directory
      • Manage Security Permissions
    • Dashboards
      • Create a Custom Dashboard
      • Edit Dashboards
      • Add Formatting Condition to Metrics
    • Reports
      • Export Report to Excel
      • Configure Cost Overview Report
      • Configure Report Subscriptions
      • Create Customized Report Views
    • Computers
      • Add/Remove or Delete Computer from Monitoring
      • Add Citrix Servers to Monitoring
    • Monitoring Templates
      • Predefined Monitoring Templates
      • Template Wizard
      • Import / Export Monitoring Template
      • Download Templates
    • Powershell Scripts
      • PowerShell Wizard
      • Manage Scripts
      • Import / Export PowerShell Script
      • Import and Use PowerShell Script Modules
      • Download Scripts
    • Service Accounts
      • Add Service User to Local Administrators Group via Group Policy
      • Add Service User to Local Administrators Group Manually
    • Audit Events
      • Enable Folder Auditing
      • Configure Audit Logon Events
      • Configure Syskit Monitor server to support the Block Malicious IP Addresses feature
    • Citrix Xenapp
      • Allow Remote RPC on Xenapp
      • Monitor Citrix Published Applications
      • Configure Syskit Monitor for Citrix XenApp 5 Published Application monitoring
      • Configure Syskit Monitor for Citrix XenApp 6.x Published Application monitoring
      • Configure Syskit Monitor for Citrix XenApp 7.x Published Application monitoring
    • Performance Counters Management
    • Manage Syskit Monitor Data Collector
    • Move database to new server
    • Exclude installation folder from antivirus scanning
  • FAQ
    • FAQ
  • Troubleshooting
    • SQL Server Connection
    • SQL Server Express 2012 LocalDB
    • How to resolve the Offline and Unauthorized computer states
    • Network Ports
    • Fixing WMI to work with Syskit Monitor
    • Enable-PSRemoting for untrusted domains to work with Syskit Monitor
    • Configuring CredSSP for use with PowerShell in Syskit Monitor
    • Installation Issues
    • User States
    • User Connections
    • Miscellaneous
Powered by GitBook
On this page

Was this helpful?

  1. Common Tasks with Syskit Monitor

Malicious IP Blocking

This article focuses on the Blocked IP Addresses feature that creates a list of blocked IP addresses via Windows Firewall rules.

PreviousFile System AuditingNextComputer Inventory

Last updated 1 year ago

Was this helpful?

Protecting the company’s servers from potential attackers is very important. If attackers get into the internal company network, they can access sensitive company data. One of the common types of attack is guessing the administrator’s password by various methods. If there is no defense policy, attackers can keep guessing for as long as they want.

Blocking the IP address instead of the URL or domain name is more powerful, because it can protect your servers from multiple malicious users or websites that share the same IP address. Syskit Monitor detects potentially malicious addresses and blocks them. After a certain number of failed logon attempts in the period of one hour, Syskit Monitor will block the source IP address of the user for one day.

If you want to change these values, you can do so in Options dialog, in the Extract Event Log tab. When the block time expires, the IP address will be unblocked automatically. It is also possible to unblock the IP address manually.

The Blocked IP Addresses report shows the list of blocked IP addresses via Windows Firewall rules. In order to see this report, you must enable and run system job and .

The report shows you the blocked IP address, date and exact time of the block, and date and exact time of the automatic unblock.

If you want to customize your view, you can do so using the filter. You can select Date Range and Computers — and your view will accordingly be reduced or expanded to the selected range.

See to learn more.

Event Log Reports
Extract Event Log
Public IP Fetching