IP blocks by country?
Results 1 to 9 of 9

Thread: IP blocks by country?

  1. #1
    Junior Member
    Join Date
    May 2003
    Posts
    23

    Question IP blocks by country?

    Does anyone know of a site which will tell me IP blocks assigned, broken down by country?

    Call it jingoistic if you want, but 90% of suspicious scans and attacks on our servers trace to IP's registered outside the country (we're in the US). I want to block all of it, since our company does 100% of it's business in New York State, and every single client client we have or might have is US-based.

    I'm tired of reading logs, clipping log fragments, and e-mailing them to abuse mailboxes all around the world. I'd prefer to just reject or drop anything coming from outside the US, period. It's never going to be legitimate business traffic for my company.

    - Qualm

  2. #2
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    Something like this?

  3. #3
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    Negative, you are truly somethin

    Excellent link.

    Cheers for the info provided.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  4. #4
    Junior Member
    Join Date
    May 2003
    Posts
    23
    Yes, thanks I'll take a look at those lists.

    - Qualm

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    244

    Wink

    Great list thx Neg,now i finally can block Belgium ..................naaaah
    i m gone,thx everyone for so much fun and good info.
    cheers and good bye

  6. #6
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    How about http://www.geobytes.com/IpLocator.htm

    If you have the IP and want to find the geographical location.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  7. #7
    Junior Member
    Join Date
    May 2003
    Posts
    23
    Well, that's a pretty neat site, but ... ironically it couldn't locate the IP that's been bombarding my servers with PROPFIND based DoS attacks ;-) Which I located easily through RIPE.NET earlier.

    Admins can and do routinely look up IP's in the Whois databases to find out the ISP of someone who shows up in their security logs, but we don't usually care where those people are physically. I got the inclination to block out the entire non-US set of IP's because our servers only really care about traffic from existing and potential clients, who are all going to be located within 100 miles of us due to the nature of our business. So I'm just going to block at the router or firewall level all packets from non-US IP blocks. Should drastically cut down on the security log work.

    - Qualm

  8. #8
    Junior Member
    Join Date
    Jan 2003
    Posts
    16
    Sounds like a pretty big task. Glad it's not me!! Might be a nice post, to have a list of all non-US IP blocks.

  9. #9
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    All Hail Negative, the Human Google, a fountain of Knowledge, a god of links, a good time to stop would be now :P

    sweet link Negative

    - Noia
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •