How to ban incoming Russian IP addresses on our servers?

17 points by efortis ↗ HN
Option 1:

https://www.countryipblocks.net/acl.php

[x] Russia, (x) CIDR, [ Copy to Clipboard ]

Paste as `/etc/ips_blocklist` and then in the firewall (e.g. pf)

  table <blocklist> file "/etc/ips_blocklist"
  block in quick from <blocklist>

8 comments

[ 3.4 ms ] story [ 27.1 ms ] thread
There are tons of solutions out there. Look for geoblocking solutions. pfsense will let you do it but it's kind of involved (a breeze if you're a sysadmin type).
Don't punish the Russian people, they don't nessecarily support the actions of Putin and can't really do anything to stop him.
But do you think this would give the population yet another reason to put Pressure on Putin to fall back in line with the will of the people? We had this conversation in our OPSEC meeting this morning and decided protecting our assets had a higher priority than any inconvenience placed on the Russian Civilian Population. we can always reverse our policy later but for the time being we'll error on the side of our clients.
Everyone always goes to extremes in the age we live.

Don't overreact and block what you think are Russian ips. Because your effort is not going to crack the iron curtain but it will hurt everyday citizens who have no power to pressure their government or local secret service agents.

I'm sure the Russian offensive cybersecurity operations have access to non-Russian IP addresses, so this policy of blocking Russian IP addresses is likely to have zero effect on them and lots of collateral damage on Russian civilians.
Force them to use fewer and fewer VPNs and stolen access. Increase their challenge.
just tell everyone you banned russian ip's, no need to actually to do it.

you'll get the same results.