> I believe the OP's concern is that of remote exploit (DoS, script > kiddies, worms, etc), not of application fraud. He wants to deny at > layer 3, based on geography. Yes, this is my concern. My thought is that if I can limit my visibility on the internet then I decrease my chances to some degree of getting hacked. If some computer science student or engineer in China or Europe is running an automated program to probe IP addresses and I drop those requests they will think there is no site there and the program will look for the next IP to probe. Now I have learned from this discussion that there is something called spoofing where they can pretend to be in the US. Well, the percent that doesn't spoof will not see me. Remember that I am a beginner at this and am trying to learn about all the weapons that are available to protect my little site. Later on I hope to be doing big and visible sites and will be more educated. Since the US networks apparently can route through unpredictable areas like the cell phone example showing California but really originating from Boston I see that trying to limit sources to Missouri is not possible. But, I think there is some benefit to dropping packets from identifiable overseas networks. Thanks for all your help. By the way, this will be hot food delivery to specific streets and addresses and not even zip code analysis can work. This service will be basically for repeat, known customers and they will have to be certified over the phone in advance. Larry Nobs > > -- > Jason Dixon, RHCE > DixonGroup Consulting > http://www.dixongroup.net > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
