Re: what percent of time are there unpatched exploits against default config?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Sat, 2011-12-31 at 15:17 -0700, Ken godee wrote:
> >> IP address allocation needs to be done smarter so that geographical
> >> regions can be isolated easier. And at some point it probably will
> >> be.
> >
> > There already is that capability to some extent. Between geoip and
> > the RIR's, one can get a pretty good handle on which /8 or /16 blocks
> > need to be blocked at your firewall. In fact the linux based router's
> > we use have a specific "Country Blocking" feature which I use to
> > block large swathes of the Net from our systems.
> >
> 
> We've been thinking of using the MaxMind GeoIP Country database with 
> Apache mod_geoip API to limit certain countries visiting our websites.
> 
> Has anyone used this or have any input on it's usefulness?
----
totally works (maxmind/geoip - at least it did for me with a rubyonrails
app)

I wouldn't know how to use it for http blocking but it's probably
possible but it would seem to be far more effective at a firewall level.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux