Hey guys.

I'm sick of port scans, ssh brute-force attempts, attempted apache/myphpadmin exploit attempts, email spam, and various other bullshit that come from other countries.

I would like to drop all packets from everyone other than the US. Right now, I'm using Okean's Korea and China blacklists to block Korea and China ( http://okean.com/thegoods.html ). But I'm still getting spam from Germany, the UK, Italy, and other crap.

All I need is a list of IPs in CIDR notation that are allocated to only the United States. I can have a default deny, then allow the US IPs.

Does anyone know of such a list?

Thanks for your time.

IP to Country Database list can be downloaded from this page. http://software77.net/cgi-bin/ip-country/geo-ip.pl

You could use fail2ban to help prevent hacking.

{duplicate}

monthly updated GeoIP db is available for free for non-commercial use also from
http://www.maxmind.com/
and for commercial use a more frequently updated IP db from maxmind as well.

instead of banning all NON-US countries - i have setup a large iptables list blocking C/B or even A networks ( specially china ) if i encounter a hack attempt.

normal is about one daily hack attempt on a server ...
my first one started before my domain was fully setup - that helped me to strengthen the security.
NO password login - only serverkey access via ssh

if blocking ALL NON-US access - pls keep in mind that you also deny access to all US abroad - there are MILLIONS of US citizen permanently or tgemporarily living abroad / overseas, it also blocks all US on travel, on vacation - including yourself when traveling ...

You also block us Brits, and we're really nice and not lame at all...