Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Ban IPs by region on our server

Posted on 2014-01-10
2
Medium Priority
?
451 Views
Last Modified: 2014-01-10
Hello

I have a 2 part question:

1. Is it a good idea to ban IP addresses by region on our server to increase our security? We mainly supply locally in our own country and do not need to be visible everywhere. Only a selected amount of countries. I do see numerous port scans coming from some countries that we would like to permanently limit access.

2. Where can we find these IPs and will it hinder the performance of the website and server if we have these bans in place.

Your comments are appreciated.
0
Comment
Question by:gregnvt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 84

Accepted Solution

by:
Dave Baldwin earned 1000 total points
ID: 39772804
While it might be a good idea, China alone has over 200 non-continuous IP address blocks.  http://www.nirsoft.net/countryip/cn.html  Those are just IPV4 addresses.  I don't have a list for IPV6.

MaxMind has a GeoIP by country database available.  http://www.maxmind.com/en/geolocation_landing   I don't know if it can be used by the server without a program.
0
 
LVL 11

Assisted Solution

by:MajorBigDeal
MajorBigDeal earned 1000 total points
ID: 39772915
I think that is overkill, likely to create problems and not be effective.  When you see an address misbehaving you could just add it to your hosts.deny file.  That way if you get push back because someone can't get to your website because you have denied their IP, you have a solid, documented reason and explanation.

There is software available (like fail2ban or denyhosts) that can do this for you automatically.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question