Re: [cobalt-users] H4CK3R5

["Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>]

> >My clients require good secure servers, with few problems. Killing off
> >entire countries is a fairly easy way to limit the abuse my systems must
> >endure. Frankly, I am ready to add Italy, Japan, China, Germany and
others
> >to the list too..
>
> I suggest you to put all countries except US in your list.

Which destroys the whole concept of a borderless internet.

It's funny, over 50% of attacks to our server _originate_ from the US of A.
About 95% of SPAM originates from the USA.

This is undoubtedly because of the level technology and understanding of use
of computers and the internet in the USA being generally in advance of many
other countries through longer exposure by that society and the general
culture, however high use usually seems to lead to high abuse. Don't forget
that internet use in the USA is now a minority of overall usage (since last
year at least) and you'll be wiping out a lot of potential visitors/users in
this global economy.

IMHO, your focus shouldn't necessarily be on countries, more to securing
your server to limit attention from *anyone*. Bear in mind that putting
people in hosts.deny only limits access to those applications that run
through it. Remember, this will do *nothing* to stop people trying to hack
into BIND, SSH, Apache, etc if you're not running these through the TCP
wrappers.

Much better would be to look at Firewall solutions, using ORBS or MAPS and
watching your servers very closely as has been mentioned previously. If a
hacker finds you're blocking a whole country, it's trivial for them to hop
to a compromised server in, say, the USA and hacking you from there as
you're obviously presenting them with a challenge.

Regards,
Jonathan Michaelson