Countries Blocked

Kevin

Code Monkey
Staff member
Joined
Mar 20, 2004
Location
Pennsylvania
We had to add another country to the list of blocked access points to our server. :(

All day long we usually get a few security alerts about attempts at getting into to the server and, for the most part, we can ignore them because the IP address is automatically temporarily blocked after several attempts. In some cases though we get hit with dozens, and on occasion, hundreds, of different IP addresses from the same country or we see attempts from the same country on a nearly continuous basis from different IP addresses over the course of a few days. When that happens we are left with no choice but to block the country IP address range from reaching our server.

For those curious, here's the current list of blocked countries.

AR = ARGENTINA
CN = CHINA
EG = EGYPT
IN = INDIA
IR = IRAN, ISLAMIC REPUBLIC OF
PK = PAKISTAN
PS = PALESTINIAN TERRITORY, OCCUPIED
RU = RUSSIAN FEDERATION
UA = UKRAINE
TW = TAIWAN
 
Last edited:

oorang

Cadet
Joined
Dec 19, 2014
I don't know much about hacking, but I am a lawyer, and what stands out to me about that list is that they're all countries where it is hard or impossible to enforce a subpoena from a US court. I suspect the reason the attacks are ostensibly coming from those countries is that hackers are proxying through servers in countries where they know you won't be able to subpoena the records to find out where they connected from. The actual hackers could be located anywhere. Anyways, that's my guess.
 

Kevin

Code Monkey
Staff member
Joined
Mar 20, 2004
Location
Pennsylvania
Pakistan and India have been added to the list. The last few weeks the server has been getting hammered with attempts at connecting to the back-end databases, the FTP server, and the server control panel.
 

Guest50131

Scout
Joined
Feb 14, 2015
I don't know much about hacking, but I am a lawyer, and what stands out to me about that list is that they're all countries where it is hard or impossible to enforce a subpoena from a US court. I suspect the reason the attacks are ostensibly coming from those countries is that hackers are proxying through servers in countries where they know you won't be able to subpoena the records to find out where they connected from. The actual hackers could be located anywhere. Anyways, that's my guess.
So what you're suggesting is they come from places like the United States and UK and are setting up proxies through these countries to make them look bad?

Completely plausible, given the US Intelligence Community's obsession with creating a new enemy.
 

Jethro

Moderator
Staff member
Joined
Jan 21, 2013
Kev if planning to block Vietnam be aware some lunatic in Aussie internet number sold a whole bunch of Aussies locations to that Country, yes we are complete idiots Downunder :ROFLMAO:
 

Kevin

Code Monkey
Staff member
Joined
Mar 20, 2004
Location
Pennsylvania
Kev if planning to block Vietnam be aware some lunatic in Aussie internet number sold a whole bunch of Aussies locations to that Country, yes we are complete idiots Downunder :ROFLMAO:
Yep, VN is on the list. How did the local IT crowd respond to having a AU block sold to VN? :D
 
Top Bottom