[Dshield] Blocking Country Access

Tony Earnshaw tonni at hetnet.nl
Wed Feb 21 16:16:27 GMT 2007


Andrew Willy wrote, on 21. feb 2007 16:52:

[...]

> I have a web application that only our employees need access to.  Because
> these employees should never access the application from outside the US,  it
> makes sense to me to only permit networks from the US.
> 
> Is there any reason not to go ahead with this filtering?

Well, if there is any one single country in the whole wide world (China, 
Philippines, Korea, France - you name it) from which we're blacklisting 
most subnetworks, that's the US.

Hundreds of thousands of US-delegated IP numbers, thousands of subnets, 
almost all all eshing 0wn3d Windows bots. One man's meat is another's 
poison.

--Tonni

-- 
Tony Earnshaw
Email: tonni at hetnet dot nl


More information about the list mailing list