diff options
-rw-r--r-- | MSI/make-msi.bat | 30 | ||||
-rw-r--r-- | MSI/third-party/nssm.exe (renamed from nssm.exe) | bin | 75776 -> 75776 bytes | |||
-rw-r--r-- | MSI/ts_block.wxs (renamed from ts_block.wxs) | 18 | ||||
-rw-r--r-- | README.txt | 15 | ||||
-rw-r--r-- | RELEASE.txt | 1 | ||||
-rw-r--r-- | make-msi.bat | 5 | ||||
-rw-r--r-- | ts_block.vbs | 1 | ||||
-rw-r--r-- | ts_block_20120530.msi | bin | 0 -> 68608 bytes |
8 files changed, 52 insertions, 18 deletions
diff --git a/MSI/make-msi.bat b/MSI/make-msi.bat new file mode 100644 index 0000000..56a3024 --- /dev/null +++ b/MSI/make-msi.bat @@ -0,0 +1,30 @@ +@echo off
+SET RELEASE=
+for /f %%i in (..\RELEASE.txt) do set RELEASE=%%i
+if "%RELEASE%"=="" goto _err_no_release
+
+del *.msi
+del *.wixobj
+
+candle -out ts_block.wixobj ts_block.wxs
+if errorlevel 1 goto _err_candle
+
+light -out ..\ts_block_%RELEASE%.msi ts_block.wixobj
+if errorlevel 1 goto _err_light
+
+del ts_block.wixobj
+goto :EOF
+
+:_err_candle
+echo Fatal Error - CANDLE returned error.
+echo.
+goto :EOF
+
+:_err_light
+echo Fatal Error - LIGHT returned error.
+echo.
+goto :EOF
+
+:_err_no_release
+echo Fatal Error - No ..\RELEASE.txt found.
+echo.
diff --git a/nssm.exe b/MSI/third-party/nssm.exe Binary files differindex 54e8e31..54e8e31 100644 --- a/nssm.exe +++ b/MSI/third-party/nssm.exe diff --git a/ts_block.wxs b/MSI/ts_block.wxs index c64f4eb..b9e09d7 100644 --- a/ts_block.wxs +++ b/MSI/ts_block.wxs @@ -1,6 +1,6 @@ <?xml version='1.0'?>
<Wix xmlns='http://schemas.microsoft.com/wix/2003/01/wi'>
- <Product Id='DAB52735-BF56-5081-B165-8EF0C4B224AE' Name='Terminal Services Brute Force Block (ts_block)' Language='1033' Version='20110831' Manufacturer='Wellbury LLC' UpgradeCode='D78EDDFB-93DF-12CF-1C82-871358588B21'>
+ <Product Id='DAB52735-BF56-5081-B165-8EF0C4B224AE' Name='Terminal Services Brute Force Block (ts_block)' Language='1033' Version='$(env.RELEASE)' Manufacturer='Wellbury LLC' UpgradeCode='D78EDDFB-93DF-12CF-1C82-871358588B21'>
<Package Id='30B0BAF0-A69D-12DC-1902-B41833668899' InstallerVersion='200' Compressed='yes' />
<!-- Install to all users only -->
@@ -17,12 +17,10 @@ <Directory Id='ProgramFilesFolder' Name='PFiles'>
<Directory Id='TARGETDIR' Name='ts_block'>
<Component Id='component0' Guid='EE750F0F-9602-6999-66FF-90E30AB29CD0' DiskId='1'>
- <File Id='file0' Name='nssm.exe' src='nssm.exe' />
- <File Id='file1' Name='README.txt' src='README.txt' />
- <File Id='file2' Name='ts_block.vbs' src='ts_block.vbs' />
- <File Id='file3' Name='LICENSE' src='LICENSE' />
- <File Id='file4' Name='ts_block.wxs' src='ts_block.wxs' />
- <File Id='file5' Name='make-msi.bat' src='make-msi.bat' />
+ <File Id='file0' Name='nssm.exe' src='third-party\nssm.exe' />
+ <File Id='file1' Name='README.txt' src='..\README.txt' />
+ <File Id='file2' Name='ts_block.vbs' src='..\ts_block.vbs' />
+ <File Id='file3' Name='LICENSE' src='..\LICENSE' />
</Component>
</Directory>
</Directory>
@@ -31,11 +29,13 @@ <CustomAction Id='InstallService'
FileKey='file0'
Execute='deferred'
+ Impersonate='no'
ExeCommand='install ts_block [WindowsFolder]System32\cscript.exe \"[TARGETDIR]ts_block.vbs\"' />
<CustomAction Id='UninstallService'
FileKey='file0'
Execute='deferred'
+ Impersonate='no'
ExeCommand='remove ts_block confirm' />
<InstallExecuteSequence>
@@ -43,6 +43,10 @@ <Custom Action='UninstallService' Before='RemoveFiles'>REMOVE="ALL"</Custom>
</InstallExecuteSequence>
+ <Condition Message="Windows Server 2003 or newer is required for installation.">
+ WindowsBuild > 2600
+ </Condition>
+
<Feature Id='Feature' Title='feature0' Level='1'>
<ComponentRef Id='component0' />
</Feature>
@@ -1,7 +1,8 @@ -ts_block.vbs - Blocks IP addresses generating invalid Terminal Services logons
+ts_block.vbs - Blocks brute force Terminal Services login attempts
Copyright 2011 Wellbury LLC - See LICENSE for license information
Release 20110901 - Adapted from sshd_block release 20100120
+Release 20120530 - Added MSI to distribution
For support, please contact Evan Anderson at Wellbury LLC
EAnderson@wellbury.com, (866) 569-9799, ext 801
@@ -127,7 +128,7 @@ BlackholeIP value specified (as this will vary based on the subnets where the server computers are located, and is only necessary for
Windows Server 2003 machines) is recommended.
- +
Script Testing
==============
It is recommended that you copy the ts_block.vbs script to your desired
@@ -144,9 +145,9 @@ Test the functionality of the script by performing both invalid logons using both a "block immediately" account and attempting repeated logons
with a valid or invalid account that is not in the "block immediately"
list. Blocking and unblocking events will be logged in the Application
-event log. (It is recommended that you perform your tests via a remote
-control mechanism such that you do not lose communication with the
-server computer during testing.)
+event log. (It is recommended that you perform your tests via a protocol
+that won't cause you to lose communication with the server computer
+during testing or from an IP address that isn't going to be blocked.)
Windows Service Installation
@@ -216,7 +217,9 @@ A Windows Installer package (MSI) version of ts_block is included with this distribution (along with the WiX source file used to create the
MSI). The MSI is self-contained (all necessary files are compressed and
embedded within it) and can be used for automated deployment of ts_block
-as a service under NSSM.
+as a service under NSSM. It has been tested using Group Policy Software
+Installation Policy under Windows Server 2003, Windows Server 2008 R2,
+and Windows 7. Uninstallation via Group Policy has also been tested.
Future Roadmap
diff --git a/RELEASE.txt b/RELEASE.txt new file mode 100644 index 0000000..cb2560d --- /dev/null +++ b/RELEASE.txt @@ -0,0 +1 @@ +20120530
diff --git a/make-msi.bat b/make-msi.bat deleted file mode 100644 index 3ce66ff..0000000 --- a/make-msi.bat +++ /dev/null @@ -1,5 +0,0 @@ -@echo off
-del *.msi
-del *.wixobj
-candle -out ts_block.wixobj ts_block.wxs
-light -out ts_block.MSI ts_block.wixobj
diff --git a/ts_block.vbs b/ts_block.vbs index 2a772ba..3f9b6cc 100644 --- a/ts_block.vbs +++ b/ts_block.vbs @@ -4,6 +4,7 @@ Option Explicit ' Copyright 2011 Wellbury LLC - See LICENSE for license information
'
' Release 20110831 - Adapted from sshd_block release 20100120
+' Release 20120530 - No change from 20110831 code for ts_block script
' External executables required to be accessible from PATH:
'
diff --git a/ts_block_20120530.msi b/ts_block_20120530.msi Binary files differnew file mode 100644 index 0000000..6405373 --- /dev/null +++ b/ts_block_20120530.msi |