On 04/02/2015 09:57 AM, Mark Tinka wrote:
On 2/Apr/15 09:52, Stefan Neufeind wrote:
Of course it's not something you should generalise about all people or all traffic from certain countries. But it's obvious that there are some countries which seem to care almost not at all about abuse or maybe even are sources for planned hack-attempts. And at least some large ISPs there seem to do nothing for their reputation or the reputation of their country.
So when your customer calls you to complain about not being able to reach a random destination in "certain countries", you would tell them that you made a conscious decision to block access to "certain countries" because of reasons the customer probably will never understand or appreciate?
Not fully block / null-route of course. You might however consider to not allow ssh-logins from certain countries (if you know what you're doing) to avoid noise in the logs, might monitor incoming emails with smtp-auth for suspicious activity based on country (of course there can always be someone on holiday in those countries) etc. All I'm saying is that attacks or spam sometimes seem to originate mainly from "certain" countries. Judge for yourself what you maybe want to use that additional piece of information (geo-location) for - and use it wisely. Kind regards, Stefan