If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#16
|
|||
|
|||
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
On Mon, 29 Jul 2019 11:58:32 +0100, "J. P. Gilliver (John)"
wrote: Yes, but that doesn't answer my question "How would you know which IP addresses are any given country" - being able to look up which country a given IP is in (even assuming the whois return includes that datum) doesn't tell you which IP addresses are in a given country; it tells you (or might) which country a given IP address is in, which isn't the same thing! Geolite keeps its databases updated. Can be used with some hacking programs: https://dev.maxmind.com/geoip/geoip2/geolite2/ They +- recently changed the database format, which fsckd up a lot of old programs ... As you say, anyone can rent space on a US server, so even if the IP is American, the content could be from anywhere. []'s -- Don't be evil - Google 2004 We have a new policy - Google 2012 |
Ads |
#17
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
On 29/07/2019 12.58, J. P. Gilliver (John) wrote:
In message , The Natural Philosopher writes: On 29/07/2019 03:01, J. P. Gilliver (John) wrote: In message , The Natural Philosopher writes: On 28/07/2019 23:50, J. P. Gilliver (John) wrote: In message , Carlos E.R. writes: On 28/07/2019 15.50, Anonymous wrote: [] (Someone else wrote - attribution snipped before this point This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries.Â* This is something that most all servers should.Â* It is not like you are going to miss out on any business from these corrupt, commie countries. Â* You need to include all of Africa too. And all of USA. That's the worst one, but you will not see it in theÂ* logs. Difficult, as very few use the .us TLD. I guess since (more or less)Â* theÂ* internet was invented/developed in USA, the .com, etc. TLDsÂ* predominate,Â* but I do continue to be surprised that people aren'tÂ* _proud_ to use aÂ* .us address. Am I intuiting that you think ipset works on domain names rather thanÂ* IP addresses? Sorry, I hadn't noticed you said you were using ipset (of which I knowÂ* nothing). I was thinking of host file and similar filtering. Not me. Someone lese. [I never said it was you - if you count ""s, you'll see I was replying to the person posting as "Carlos E.R.Â* ".] And you misunderstood me completely. The USA government is possibly the worst "intruder" in your computers, and you will not see it coming, because it is done by the FBI and the CIA, and they don't show in your logs. You can do nothing against them. :-P Better you disconnect your computers and cultivate turnips instead :-P -- Cheers, Carlos. |
#18
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
And all of USA. That's the worst one, but you will not see it in the logs. Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address. Part of the problem is because the .us TLD cannot be used with WhoisGuard. I only use .com and .net because of this. |
#19
|
|||
|
|||
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
In article , Anonymous wrote:
Part of the problem is because the .us TLD cannot be used with WhoisGuard. I only use .com and .net because of this. then whoisguard is broken. |
#20
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
How would you know which IP addresses are any given country anyway? https://www.countryipblocks.net/acl.php |
#21
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
And you misunderstood me completely. The USA government is possibly the worst "intruder" in your computers, and you will not see it coming, because it is done by the FBI and the CIA, and they don't show in your logs. You can do nothing against them. :-P Better you disconnect your computers and cultivate turnips instead Use an external pfSense firewall. |
#22
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
In article , Anonymous wrote: Part of the problem is because the .us TLD cannot be used with WhoisGuard. I only use .com and .net because of this. then whoisguard is broken. No, that is what the commies in the government and ICAN decided to do when the new TDLs were introduced. They couldn't stand to see people having the freedom to keep themselves anonymous. |
#23
|
|||
|
|||
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
In article , Anonymous wrote:
Part of the problem is because the .us TLD cannot be used with WhoisGuard. I only use .com and .net because of this. then whoisguard is broken. No, that is what the commies in the government and ICAN decided to do when the new TDLs were introduced. They couldn't stand to see people having the freedom to keep themselves anonymous. one has nothing to do with the other, any service that doesn't recognize all valid tlds is broken. simple as that. |
#24
|
|||
|
|||
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
"J. P. Gilliver (John)" wrote
| Now that's a closer answer. I see https://lite.ip2location.com/ has | (bottom right of page) a list of countries, though I didn't investigate | it. | I use the MaxMind free database when processing my server logs, though it's got some limitations, it's work intensive, and addresses constantly change. I'm only using it after the fact, out of curiosity. I've also seen people sharing numeric lists online, especially to block China. But at some point this becomes unrealistic. Your front door now opens to the world. The way to make it secure is not to have logins, SQL backends, shopping carts components, etc, on a website directly connected to data. That's nothing new. But no one wants to accept that you can't have an internet connected network and still have security, in spite of the fact that it's been proved over and over again. So people wiseacre about best security practices. People talk about blocking China, Russia, Eastern Europe, Africa, yuppies, commies, rednecks.... What's left? White, 1st-world moms shopping for jumpers? Is there some reason to trust Brazil and New Zealand? Many of the attack probes on my site are coming from Amazon web services, which I am tempted to block, if only to block the world-wide infection of the decency-eating bacteria known as Bezos. But all of those filters hurt innocent people. Small businesses are on Amazon web services. Shouild I block them because they don't know how to manage security? Should I block the millions of Chinese and Russians who need software and can't afford to buy it, just to block the hundreds with criminal motives? Someone suggested, "Who cares about them? They don't buy product." But that's a petty, primitive, racist approach. More to the point, you can't block them all. The Internet doesn't fit into the "move-to-the-suburbs" approach to crime prevention. |
#25
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
In article , anonymous wrote:
And you misunderstood me completely. The USA government is possibly the worst "intruder" in your computers, and you will not see it coming, because it is done by the FBI and the CIA, and they don't show in your logs. You can do nothing against them. :-P Better you disconnect your computers and cultivate turnips instead Use an external pfSense firewall. Or build a BSD firewall. -- Member - Liberal International This is Ici Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism The only cure for grief is action. -George Henry Lewes |
#26
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
On 29/07/2019 15.34, The Doctor wrote:
In article , anonymous wrote: And you misunderstood me completely. The USA government is possibly the worst "intruder" in your computers, and you will not see it coming, because it is done by the FBI and the CIA, and they don't show in your logs. You can do nothing against them. :-P Better you disconnect your computers and cultivate turnips instead Use an external pfSense firewall. Or build a BSD firewall. Neither will help you. Nothing will, except strong encryption in *all* your communications. -- Cheers, Carlos. |
#27
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
On 29/07/2019 14.21, Mayayana wrote:
"J. P. Gilliver (John)" wrote | Now that's a closer answer. I see https://lite.ip2location.com/ has | (bottom right of page) a list of countries, though I didn't investigate | it. | I use the MaxMind free database when processing my server logs, though it's got some limitations, it's work intensive, and addresses constantly change. I'm only using it after the fact, out of curiosity. I've also seen people sharing numeric lists online, especially to block China. But at some point this becomes unrealistic. Your front door now opens to the world. The way to make it secure is not to have logins, SQL backends, shopping carts components, etc, on a website directly connected to data. That's nothing new. But no one wants to accept that you can't have an internet connected network and still have security, in spite of the fact that it's been proved over and over again. So people wiseacre about best security practices. People talk about blocking China, Russia, Eastern Europe, Africa, yuppies, commies, rednecks.... What's left? White, 1st-world moms shopping for jumpers? Is there some reason to trust Brazil and New Zealand? Many of the attack probes on my site are coming from Amazon web services, which I am tempted to block, if only to block the world-wide infection of the decency-eating bacteria known as Bezos. But all of those filters hurt innocent people. Small businesses are on Amazon web services. Shouild I block them because they don't know how to manage security? Should I block the millions of Chinese and Russians who need software and can't afford to buy it, just to block the hundreds with criminal motives? Someone suggested, "Who cares about them? They don't buy product." But that's a petty, primitive, racist approach. More to the point, you can't block them all. The Internet doesn't fit into the "move-to-the-suburbs" approach to crime prevention. Indeed... -- Cheers, Carlos. |
#28
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
On 29/07/2019 14.13, nospam wrote:
In article , Anonymous wrote: Part of the problem is because the .us TLD cannot be used with WhoisGuard. I only use .com and .net because of this. then whoisguard is broken. No, that is what the commies in the government and ICAN decided to do when the new TDLs were introduced. They couldn't stand to see people having the freedom to keep themselves anonymous. one has nothing to do with the other, any service that doesn't recognize all valid tlds is broken. simple as that. Absolutely. -- Cheers, Carlos. |
#29
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
On 29/07/2019 11:58, J. P. Gilliver (John) wrote:
Just looking at the russian-federation list linked to above, it's a very long and bitty list; your "ipset" must work hard blocking all those, plus the other countries you mention. (By "your" I mean whichever poster said they were doing that.) yes. I would probably set upa mysql database and reconstitute an ipset file from it at boot or summat -- In a Time of Universal Deceit, Telling the Truth Is a Revolutionary Act. - George Orwell |
#30
|
|||
|
|||
Florida city reportedly fires IT director after being forced topay $460G in ransomware attack
On 29/07/2019 15.34, The Doctor wrote: In article , anonymous wrote: And you misunderstood me completely. The USA government is possibly the worst "intruder" in your computers, and you will not see it coming, because it is done by the FBI and the CIA, and they don't show in your logs. You can do nothing against them. :-P Better you disconnect your computers and cultivate turnips instead Use an external pfSense firewall. Or build a BSD firewall. Neither will help you. Nothing will, except strong encryption in *all* your communications. HA! So says who? pfSense is a BSD firewall. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|