How to Block a Specific County



  •  This was taken from a web hosting forum, in a discussion on how to block certain countries.

    IP are changing, yes ! but every country have a specific IP ID.
    For example if my PC ahve the IP of 97.125.***.***, the stars can change, but not the 97, as every country have a specific IP, and the 97 is the one which specifies the country. So you can simply use Htaccess, like i do to block Algeriam some users (by blocking ppp.pp.***.***, in with ppp.pp are country.state

     He was shortly banned for creating multiple accounts and spamming his links...

     I politely replied with these statistics for the United States.




  • He's right.  IPs like 10.x.x.x are from Candyland, for example.



  • @bstorer said:

    He's right.  IPs like 10.x.x.x are from Candyland, for example.
    and every 192.168.x.x address maps to one of the rooms (or hallways) in Clue.  I have my desktop machine set up to be in the study, my server to be in the observatory, and the laptops are in the hallway.

    Also, my client company owns a /8 set of IP addresses and all those users are definitely not in the same country.  



  •  While he obviously got most of the details wrong, and the idea of blocking an entire country by IP is generally moronic, there's a tiny seed of truth there.


  • Discourse touched me in a no-no place

    @Z1_Jacob said:

    IP are changing, yes ! but every country have a specific IP ID.
    Not related to this idiot are they? :

     

    Sorry dude. I block whole netblocks that I/we don't have any business with, and that fill up my logs with annoying connection attempts, and portscans, etc. I'll show you my method for blocking about 80% of probes, scans, password guessing bots, etc:

    # wget -o<nobr style="margin: 0px; padding: 0px; font-style: normal;"> <wbr style="margin: 0px; padding: 0px; font-style: normal;"></nobr>/dev/null -O - http://www.iana.org/assignments/ipv4-address-space/ | grep whois.apnic.net | grep ALLOCATED | cut -d " " -f 1 | xargs
    # need to add in<nobr style="margin: 0px; padding: 0px; font-style: normal;"> <wbr style="margin: 0px; padding: 0px; font-style: normal;"></nobr>.0.0.0 though
    for asia in 58.0.0.0/8 59.0.0.0/8 60.0.0.0/8 61.0.0.0/8 112.0.0.0/8 113.0.0.0/8 114.0.0.0/8 115.0.0.0/8 116.0.0.0/8 117.0.0.0/8 118.0.0.0/8 119.0.0.0/8 120.0.0.0/8 121.0.0.0/8 122.0.0.0/8 123.0.0.0/8 124.0.0.0/8 125.0.0.0/8 126.0.0.0/8 202.0.0.0/8 203.0.0.0/8 210.0.0.0/8 211.0.0.0/8 218.0.0.0/8 219.0.0.0/8 220.0.0.0/8 221.0.0.0/8 222.0.0.0/8
    do
    $fw -A INPUT -s $asia -j DROP
    done

    I don't get why you are getting annoyed that I (and probably many others) do things like this?

    To which one reply was:

    Your rule blocks most Australian IP addresses, for starters.



  • @Z1_Jacob said:

    Increase your log size today!
     

    Someone keeps sending me e-mails that suggest that the Sweedish have an answer to that issue.



  • @merreborn said:

     While he obviously got most of the details wrong, and the idea of blocking an entire country by IP is generally moronic, there's a tiny seed of truth there.

    Yes, but as most countries don't actually have an IP block, and many of the allocations for countries which do have netblocks to themselves are at a smaller block size than class As, there may appear to be a seed of truth, but it's actually just a shaving off of a mustard seed1 of truth, rather than an entire truth.

    1 Which, as we all know, is the 'smallest seed', so long as you don't count the hundreds - or is it thousands millions - of smaller seeds.



  • There is actually something called "GeoDNS", which provides mapping from IP-addresses to countries. It is used for things like automatically selecting closest mirror for download or guessing which local variant of your service to provide (eg. Google does this).

    Trying to use it for blocking access from some country is somewhat foolish though—for example I am in Czech Republic, but my IP address is Austrian. That's because I am connected through company intranet and connect via proxy in Austria (and indeed Google initially redirected me to google.at (fortunately it's changeable with proper Accept-Languages setting or cookies)). Anybody can use Tor to pretend they are accessing from almost anywhere if they really want.



  • This is why exactly why there are less than 255 countries in the world [citation needed].



  • @Zecc said:

    This is why exactly why there are less than 255 countries in the world [citation needed].
    Why do you think they invented IPv6?



  • @bstorer said:

    @Zecc said:

    This is why exactly why there are less than 255 countries in the world [citation needed].
    Why do you think they invented IPv6?
    Porn?



  • @belgariontheking said:

    @bstorer said:

    He's right.  IPs like 10.x.x.x are from Candyland, for example.
    and every 192.168.x.x address maps to one of the rooms (or hallways) in Clue.  I have my desktop machine set up to be in the study, my server to be in the observatory, and the laptops are in the hallway.

     

    [profplum@conservatory /dev/candlestick]$



  • @Zecc said:

    @bstorer said:

    @Zecc said:

    This is why exactly why there are less than 255 countries in the world [citation needed].
    Why do you think they invented IPv6?
    Porn?

    No, that's why I didn't invent IPv6.  I was too... busy...


  • @cconroy said:

    @belgariontheking said:

    @bstorer said:

    He's right.  IPs like 10.x.x.x are from Candyland, for example.
    and every 192.168.x.x address maps to one of the rooms (or hallways) in Clue.  I have my desktop machine set up to be in the study, my server to be in the observatory, and the laptops are in the hallway.

     

    [profplum@conservatory /dev/candlestick]$ userdel MrBoddy

    FTFY



  • @Zecc said:

    This is why exactly why there are less than 255 countries in the world [citation needed].

    Some fucker from country #127 (Romania, perhaps?) keeps trying to hack into my machine.



  • @morbiuswilters said:

    @Zecc said:
    This is why exactly why there are less than 255 countries in the world [citation needed].
    Some fucker from country #127 (Romania, perhaps?) keeps trying to hack into my machine.
    Gay or not, I'm ROFLing.  Actually, given that, I'm going to say definitely gay.


  • :belt_onion:

    @Zecc said:

    @bstorer said:

    @Zecc said:

    This is why exactly why there are less than 255 countries in the world [citation needed].
    Why do you think they invented IPv6?
    Porn?

    The answer to life, the universe and everything

Log in to reply