Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blocking traffic by Country to reduce spam

From: "J. Oquendo" <sil () infiltrated net>
Date: Mon, 29 Jun 2009 12:32:43 -0400
chmod1777 () mydotcom com wrote:

I looked and wasn't able to find the thread in this list, but I do have the site that I mentioned (I had it 
bookmarked).

http://www.countryipblocks.net/

It formats the lists in whatever way your choose, depending on how you'll use them. If you're adding these networks 
to your firewall, beware that your boot up time will slow down depending on how many countries you put in there. It 
will take time to load those rules. Some countries have ALOT of net blocks. I only added the major players that deal 
in spam/hack/malware and it's not too bad, noticeable, but not bad.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

  


Very naive if you think blocking by a particular country is going to work.

The United States is almost always in the top two spots. You'd have to
be insane to block an entire country.

http://www.marshal8e6.com/TRACE/spam_statistics.asp
http://www.highspot.net/spamstats/
http://www.ciphertrust.com/resources/statistics/spam_sources.php

I suggest you look into using an RBL which is a more effective solution.
http://www.dnsbl.info/dnsbl-list.php

-- 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP

"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett

227C 5D35 7DCB 0893 95AA  4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: