[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] H4CK3R5
- Subject: Re: [cobalt-users] H4CK3R5
- From: "Joshua Kim" <developer@xxxxxxxxxxxxxxx>
- Date: Tue Feb 20 01:02:02 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Just out of curiosity... any reason why you want to block Korean IPs?
I'm a Korean-American web-developer working in CA, and I just can't help
being curious. That's all. Thanks.
> > How do i deny a whole country ?
> >
> > i want to add the whole of korea in my host.deny file
> >
> > is this possible?
>
> Now, we're talking... I proposed this a few weeks ago and didn't get
much
> response. Since then I have done a little homework. You can just put a
line
> like this:
> ALL: .kr
>
> That will take care of anyone who your server is able to resolve the
name
> on - can't do it for a lot the our little friends. Also, hosts.deny
only
> affects things protected with wrappers - which includes http, ftp,
etc. This
> means scans are still possible and so is the BIND exploit, I believe
(based
> on a comment I read a little while ago on this list). So, it is far
from
> being a panacea.
>
> HOWEVER, you COULD use IPchains, which could kill everything - so I
> understand. The problem here is that you have to do it via IP
address...
> Can't just stick in .kr - how I'd love to! Craig Napier gave me a copy
of
> his list where he took the time to lookup all of the Korean ips,
apparently.
> He might be willing to share with others if you ask nicely... :)
>
> If anyone knows a program that will work like IPchains but with domain
> names, I would LOVE to know about it.... I am not holding my breath
though,
> as it seems realtively impossible/difficult due to the need to resolve
IPs
> backwards.
>
> HTH.
> Rick
>
> P.S. Rodolfo - off topic but I will find the article about switched
networks
> being sniffable and post it ASAP
>