LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 06-15-2013, 07:33 PM   #31
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: Carrollton, Texas
Distribution: Slackware64 14.1
Posts: 1,566

Rep: Reputation: 462Reputation: 462Reputation: 462Reputation: 462Reputation: 462

Quote:
Originally Posted by guanx View Post
When your enemy is China, nothing to fear; but when the U.S. lies behind, very dangerous!
I'm sure the people of Tibet and Vietnam agree with you.

However, I suggest that you confine your comments here to technical issues. As I will do.
 
Old 06-15-2013, 08:37 PM   #32
guanx
Senior Member
 
Registered: Dec 2008
Posts: 1,014

Rep: Reputation: 146Reputation: 146
Quote:
Originally Posted by Richard Cranium View Post
I'm sure the people of Tibet and Vietnam agree with you.

However, I suggest that you confine your comments here to technical issues. As I will do.
Aha! What you will do looks quite different from what you are doing.

As you mentioned Vietnam, I could not keep from ... Do you forget 1959-1975 ?

.

Last edited by guanx; 06-16-2013 at 11:41 PM.
 
Old 06-15-2013, 09:00 PM   #33
dh2k
Member
 
Registered: Jan 2006
Distribution: Slackware 13.0 (KDE 3.5.10 from 12.2; Xfce 4.6; Fluxbox); Slackware 13.1 (KDE 4.5)
Posts: 203

Rep: Reputation: 44
I recall a 'black' IP neighbourhood map of the internet that was reported in the UK media in the last 6mths;
where 'black' is source of a whole load of unsavoury types; perhaps scope here for an open source blacklist (if non already) -
and I would endear to see those who want to get off the black list meet requirements and/or bow to the benevolent leader and community for permission.

And, I would be so happy to see a package .txz that maintained '5h!th0u5e' IP ranges (and countries as an added module).

Project for me maybe; any support posts are most welcome.
 
Old 06-17-2013, 05:50 AM   #34
jtsn
Member
 
Registered: Sep 2011
Location: Europe
Distribution: Slackware
Posts: 865

Rep: Reputation: 401Reputation: 401Reputation: 401Reputation: 401Reputation: 401
Quote:
Originally Posted by kikinovak View Post
I'm running a few dedicated servers for clients, with a handful of specialized services like library management or school management. It's all more or less running on LAMP servers and supposed to be accessed around here, meaning in South France.

I have many hostile connections on these machines, mostly brute force attempts, which I keep out with a couple of iptables rules limiting the number of connections per minute. Only I'm facing a real tsunami here, and I thought about a more radical solution.

Is there a way to block whole countries using iptables? I've tracerouted some folks back, and they seem to originate mostly from China and Russia, with the odd Nigerian IP.
On dedicated servers targeted at a local audience, I usually whitelist RIPE IP space and block everything else. Have a look at the RIR allocations here:

http://www.iana.org/assignments/ipv4...ress-space.xml

You can try fine-tuning filters by country using a GeoIP service, but that is error-prone and almost never worth it.

BTW: For most US services (like Netflix) it is not unusual block everything that is not US.
 
Old 06-17-2013, 10:03 PM   #35
BrZ
Member
 
Registered: Apr 2009
Distribution: Slackware
Posts: 500

Rep: Reputation: 83
Today I was looking for some stuff and found this. If you know some tool to convert the filters provided by 'iblocklist' to cidr, I'll be very glad.

ps: +1...

Last edited by BrZ; 06-17-2013 at 10:09 PM. Reason: add info
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to block IP range of China Russia and other countries. rahilmaknojia Linux - Security 15 08-03-2010 08:21 AM
LXer: MySQL founder asks China, Russia to stop Oracle LXer Syndicated Linux News 0 01-19-2010 01:10 AM
hi from Russia dr_sad LinuxQuestions.org Member Intro 4 12-23-2005 03:46 AM
script to block IPs from Korea, China, Taiwan?? latino Linux - Security 4 09-05-2005 10:57 PM


All times are GMT -5. The time now is 03:59 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration