Browse files

20120530 release

  • Loading branch information...
1 parent 6db0704 commit f4b12bc550587e897f163295f6298f6db5365733 @EvanAnderson committed May 30, 2012
View
30 MSI/make-msi.bat
@@ -0,0 +1,30 @@
+@echo off
+SET RELEASE=
+for /f %%i in (..\RELEASE.txt) do set RELEASE=%%i
+if "%RELEASE%"=="" goto _err_no_release
+
+del *.msi
+del *.wixobj
+
+candle -out ts_block.wixobj ts_block.wxs
+if errorlevel 1 goto _err_candle
+
+light -out ..\ts_block_%RELEASE%.msi ts_block.wixobj
+if errorlevel 1 goto _err_light
+
+del ts_block.wixobj
+goto :EOF
+
+:_err_candle
+echo Fatal Error - CANDLE returned error.
+echo.
+goto :EOF
+
+:_err_light
+echo Fatal Error - LIGHT returned error.
+echo.
+goto :EOF
+
+:_err_no_release
+echo Fatal Error - No ..\RELEASE.txt found.
+echo.
View
0 nssm.exe → MSI/third-party/nssm.exe
File renamed without changes.
View
18 ts_block.wxs → MSI/ts_block.wxs
@@ -1,6 +1,6 @@
<?xml version='1.0'?>
<Wix xmlns='http://schemas.microsoft.com/wix/2003/01/wi'>
- <Product Id='DAB52735-BF56-5081-B165-8EF0C4B224AE' Name='Terminal Services Brute Force Block (ts_block)' Language='1033' Version='20110831' Manufacturer='Wellbury LLC' UpgradeCode='D78EDDFB-93DF-12CF-1C82-871358588B21'>
+ <Product Id='DAB52735-BF56-5081-B165-8EF0C4B224AE' Name='Terminal Services Brute Force Block (ts_block)' Language='1033' Version='$(env.RELEASE)' Manufacturer='Wellbury LLC' UpgradeCode='D78EDDFB-93DF-12CF-1C82-871358588B21'>
<Package Id='30B0BAF0-A69D-12DC-1902-B41833668899' InstallerVersion='200' Compressed='yes' />
<!-- Install to all users only -->
@@ -17,12 +17,10 @@
<Directory Id='ProgramFilesFolder' Name='PFiles'>
<Directory Id='TARGETDIR' Name='ts_block'>
<Component Id='component0' Guid='EE750F0F-9602-6999-66FF-90E30AB29CD0' DiskId='1'>
- <File Id='file0' Name='nssm.exe' src='nssm.exe' />
- <File Id='file1' Name='README.txt' src='README.txt' />
- <File Id='file2' Name='ts_block.vbs' src='ts_block.vbs' />
- <File Id='file3' Name='LICENSE' src='LICENSE' />
- <File Id='file4' Name='ts_block.wxs' src='ts_block.wxs' />
- <File Id='file5' Name='make-msi.bat' src='make-msi.bat' />
+ <File Id='file0' Name='nssm.exe' src='third-party\nssm.exe' />
+ <File Id='file1' Name='README.txt' src='..\README.txt' />
+ <File Id='file2' Name='ts_block.vbs' src='..\ts_block.vbs' />
+ <File Id='file3' Name='LICENSE' src='..\LICENSE' />
</Component>
</Directory>
</Directory>
@@ -31,18 +29,24 @@
<CustomAction Id='InstallService'
FileKey='file0'
Execute='deferred'
+ Impersonate='no'
ExeCommand='install ts_block [WindowsFolder]System32\cscript.exe \"[TARGETDIR]ts_block.vbs\"' />
<CustomAction Id='UninstallService'
FileKey='file0'
Execute='deferred'
+ Impersonate='no'
ExeCommand='remove ts_block confirm' />
<InstallExecuteSequence>
<Custom Action='InstallService' Before='InstallFinalize'>NOT (REMOVE="ALL")</Custom>
<Custom Action='UninstallService' Before='RemoveFiles'>REMOVE="ALL"</Custom>
</InstallExecuteSequence>
+ <Condition Message="Windows Server 2003 or newer is required for installation.">
+ WindowsBuild > 2600
+ </Condition>
+
<Feature Id='Feature' Title='feature0' Level='1'>
<ComponentRef Id='component0' />
</Feature>
View
15 README.txt
@@ -1,7 +1,8 @@
-ts_block.vbs - Blocks IP addresses generating invalid Terminal Services logons
+ts_block.vbs - Blocks brute force Terminal Services login attempts
Copyright 2011 Wellbury LLC - See LICENSE for license information
Release 20110901 - Adapted from sshd_block release 20100120
+Release 20120530 - Added MSI to distribution
For support, please contact Evan Anderson at Wellbury LLC
EAnderson@wellbury.com, (866) 569-9799, ext 801
@@ -127,7 +128,7 @@ BlackholeIP value specified (as this will vary based on the subnets
where the server computers are located, and is only necessary for
Windows Server 2003 machines) is recommended.
-
+
Script Testing
==============
It is recommended that you copy the ts_block.vbs script to your desired
@@ -144,9 +145,9 @@ Test the functionality of the script by performing both invalid logons
using both a "block immediately" account and attempting repeated logons
with a valid or invalid account that is not in the "block immediately"
list. Blocking and unblocking events will be logged in the Application
-event log. (It is recommended that you perform your tests via a remote
-control mechanism such that you do not lose communication with the
-server computer during testing.)
+event log. (It is recommended that you perform your tests via a protocol
+that won't cause you to lose communication with the server computer
+during testing or from an IP address that isn't going to be blocked.)
Windows Service Installation
@@ -216,7 +217,9 @@ A Windows Installer package (MSI) version of ts_block is included with
this distribution (along with the WiX source file used to create the
MSI). The MSI is self-contained (all necessary files are compressed and
embedded within it) and can be used for automated deployment of ts_block
-as a service under NSSM.
+as a service under NSSM. It has been tested using Group Policy Software
+Installation Policy under Windows Server 2003, Windows Server 2008 R2,
+and Windows 7. Uninstallation via Group Policy has also been tested.
Future Roadmap
View
1 RELEASE.txt
@@ -0,0 +1 @@
+20120530
View
5 make-msi.bat
@@ -1,5 +0,0 @@
-@echo off
-del *.msi
-del *.wixobj
-candle -out ts_block.wixobj ts_block.wxs
-light -out ts_block.MSI ts_block.wixobj
View
1 ts_block.vbs
@@ -4,6 +4,7 @@ Option Explicit
' Copyright 2011 Wellbury LLC - See LICENSE for license information
'
' Release 20110831 - Adapted from sshd_block release 20100120
+' Release 20120530 - No change from 20110831 code for ts_block script
' External executables required to be accessible from PATH:
'
View
BIN ts_block_20120530.msi
Binary file not shown.

0 comments on commit f4b12bc

Please sign in to comment.