[Dshield] Blocking Country Access
andrewwilly at gmail.com
Wed Feb 21 18:40:06 GMT 2007
Thanks to everyone. I learned from your replies and will take the
On 2/21/07, Andrew Willy <andrewwilly at gmail.com> wrote:
> Good point.
> I have a web application that only our employees need access to. Because
> these employees should never access the application from outside the US, it
> makes sense to me to only permit networks from the US.
> Is there any reason not to go ahead with this filtering?
> On 2/20/07, Valdis.Kletnieks at vt.edu <Valdis.Kletnieks at vt.edu> wrote:
> > On Tue, 20 Feb 2007 08:54:14 PST, Dave Hatz said:
> > > I am trying to find information on how to block countries from our
> > networks.
> > > I remember seeing lists that contain the IP addresses for the
> > countries.
> > > Can someone please point me in the right direction on where I can
> > obtain a
> > > list of the country IP address so we can block them.
> > Depending on your exact business and traffic patterns, it may make a lot
> > more
> > sense to block *the entire world*, and then only punch holes for places
> > you
> > expect traffic from.
> > Just a thought - seems people seem to be reminded of Marcus Ranum's
> > thoughts on "default allow and trying to enumerate badness". ;)
> > _________________________________________
> > SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> > taught by our top rated instructors plus a huge vendor tools expo.
> > Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
More information about the list