authentProtect (v 0.8 beta)

  AuthentProtect is a small ISAPI filter that denies IIS authentication based on given usernames. It is mainly intended to block brute force attack against users for which NTFS permissions cannot be revoked (mainly administrators). I will give more informations about this problem later, as this page is under construction.

  AuthentProtect is based on the "onAuthentication" event from ISAPI, so that it can deny access before IIS handle the request. Logins that are denied to authenticate through IIS are customizable through config file. If no config file is found, the filter denies access to "administrator" and "administrateur" (for french people ;).

This is licenced under LGPL; see the GNU Lesser Public License page for more details.

authentProtect.conf : the default config file (put it in the "%SYSTEMROOT%\inetsrv\" directory)
authentProtect.dll : the filter
authentProtect.src.zip : Visual C++ source code (change log)

See the configuration page to got your filter customized.
For detailed comments on source code, have a look to the source code step by step page.

  I installed this filter on a production server which has an average load and all is fine, but use it at your own risk. I plan to add a lot of functionnalities to this filter, so new versions will come...
  Please, email at authentProtect@firstcodings.net to send me any comments, feedbacks and recommandations about this filter.