[Dshield] Blocking Country Access

Andrew Willy andrewwilly at gmail.com
Wed Feb 21 15:52:20 GMT 2007


Good point.

I have a web application that only our employees need access to.  Because
these employees should never access the application from outside the US,  it
makes sense to me to only permit networks from the US.

Is there any reason not to go ahead with this filtering?

Thanks

Andrew


On 2/20/07, Valdis.Kletnieks at vt.edu <Valdis.Kletnieks at vt.edu> wrote:
>
> On Tue, 20 Feb 2007 08:54:14 PST, Dave Hatz said:
> > I am trying to find information on how to block countries from our
> networks.
> > I remember seeing lists that contain the IP addresses for the countries.
> > Can someone please point me in the right direction on where I can obtain
> a
> > list of the country IP address so we can block them.
>
> Depending on your exact business and traffic patterns, it may make a lot
> more
> sense to block *the entire world*, and then only punch holes for places
> you
> expect traffic from.
>
> Just a thought - seems people seem to be reminded of Marcus Ranum's
> thoughts on "default allow and trying to enumerate badness". ;)
>
> _________________________________________
>
> SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> taught by our top rated instructors plus a huge vendor tools expo.
> Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
>
>


More information about the list mailing list