On 8/12/2013 11:53 a.m., Mark Foster wrote:
http://lmgtfy.com/?q=how+to+block+china
229 Million results. Pretty sure this has been done before.
Was done before posting.
As with all block-by-IP-range solutions, consider the issues around: - Keeping the blocklist current - IP allocations change - False Positives.
Or you could simply do your best to keep the system 'unhackable'. Agreed Run secure (patched and current) software, with only externally reachable services listening, and other ports/protocols blocked, etc etc.
Machine was set up in to much hurry for a project that was delayed and now we're playing catch up... damb it!
Not all Internet users in China are malicious. Not all malicious Internet users are in China either.
Agreed. Hence the shout for help. This machine is for a little project that's of no concern to the world. Like you Mark, I'm not keen on blocking off bits of the world. The hits came from China based IPs, but I make no assumption at all that it has anything to do at all with people from that part of the world. I actually think it was a "friendly" just pointing out that our box needs a tidy up, our firewall needs a tidy up and a little hint to just get on with it :) That in mind, we're sorting it out as quickly as we can while also giving a heads up to the community that we're on it but also getting a bit of stick and under a bit of pressure. D -- Don Gould 31 Acheson Ave Mairehau Christchurch, New Zealand Ph: + 64 3 348 7235 Mobile: + 64 21 114 0699 Ph: +61 3 9111 1821 (Melb) I'M COLLECTING COFFEE CUPS FOR PROJECT COFFEE CUP. Deja vue (missing the French accent mark) - literally means already seen, that sense of haven't we been here before.