Blocking Traffic by Country on Production Networks

Blocking Traffic by Country on Production Networks
Timothy M. Mullen

When I originally posted to Bugtraq regarding the use of country-by-country sets to control traffic to or from any particular country, I knew that it was not a new idea. However, applying the concept for use with Microsoft's ISA Server was at least a new application for it, and apparently has had some utility for people based on the thousands of downloads that have been made of the free sets from the Hammer of God Web site.

Expand all | Post comment

Blocking Traffic by Country on Production Networks 2008-07-20
Anonymous (1 replies)

Re: Blocking Traffic by Country on Production Networks 2008-07-22
Anonymous (1 replies)

Re: Re: Blocking Traffic by Country on Production Networks 2009-01-05
Anonymous (1 replies)

Re: Re: Re: Blocking Traffic by Country on Production Networks 2009-05-27
Anonymous (1 replies)

Re: Re: Re: Re: Blocking Traffic by Country on Production Networks 2009-11-03
Anonymous

Blocking Traffic by Country on Production Networks 2008-07-30
Anonymous

Blocking Traffic by Country on Production Networks 2008-08-18
Jason Bevis

Blocking countries is a good tactic if you are not blocking your customers. It works exceptionally well in high profile and political events. Here is a list of blacklisted ranges you can use.

http://infosecalways.com/2007/11/08/ip-address-blacklist/

I've seen IDS alerts go from 100,000+ to in the 100+s, so it is very effective.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/infocus/1900/1180#1180

Blocking Traffic by Country on Production Networks 2008-09-16
Narsi

Blocking Traffic by Country on Production Networks 2008-10-17
IT Dude

Blocking Traffic by Country on Production Networks 2008-10-31
Anonymous (1 replies)

Re: Blocking Traffic by Country on Production Networks 2009-02-27
kurt