[Dshield] Blocking Country Access

Andrew Willy andrewwilly at gmail.com
Wed Feb 21 18:40:06 GMT 2007


Thanks to everyone.  I learned from your replies and will take the
suggestions.

Andrew


On 2/21/07, Andrew Willy <andrewwilly at gmail.com> wrote:
>
> Good point.
>
> I have a web application that only our employees need access to.  Because
> these employees should never access the application from outside the US,  it
> makes sense to me to only permit networks from the US.
>
> Is there any reason not to go ahead with this filtering?
>
> Thanks
>
> Andrew
>
>
> On 2/20/07, Valdis.Kletnieks at vt.edu <Valdis.Kletnieks at vt.edu> wrote:
>
> > On Tue, 20 Feb 2007 08:54:14 PST, Dave Hatz said:
> > > I am trying to find information on how to block countries from our
> > networks.
> > > I remember seeing lists that contain the IP addresses for the
> > countries.
> > > Can someone please point me in the right direction on where I can
> > obtain a
> > > list of the country IP address so we can block them.
> >
> > Depending on your exact business and traffic patterns, it may make a lot
> > more
> > sense to block *the entire world*, and then only punch holes for places
> > you
> > expect traffic from.
> >
> > Just a thought - seems people seem to be reminded of Marcus Ranum's
> > thoughts on "default allow and trying to enumerate badness". ;)
> >
> > _________________________________________
> >
> > SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
> > taught by our top rated instructors plus a huge vendor tools expo.
> > Register Today! http://www.sans.org/info/2501 (BROCHURECODE: ISC)
> >
> >
>


More information about the list mailing list