Saudi Arabia

I got the following connect attempts, as shown in these log entries:

1,[20/Dec/2004 22:37:06] Rule 'Block all traffic unless otherwise directed': Blocked: In TCP, 212.62.119.52:30413->localhost:4899, Owner: no owner
1,[20/Dec/2004 22:37:12] Rule 'Block all traffic unless otherwise directed': Blocked: In TCP, 212.62.119.52:30413->localhost:4899, Owner: no owner

Why would somebody from Saudi Arabia be scanning me? What would they be looking for on port 4899?

Charles Newman

X-No-Archive: Yes

(Note to Google users, Google purges articles with X-No-Archive set to yes, after 6 days.)

However, if a foreign Web surfer wanted to access your Web site, he could still do it. All he/she would have to do is to surf through an open proxy on a subnet that is not blocked, and they can get around the ban on that subnet. Just because you block a subnet, does not mean that someone has not circumvented it through an open proxy server elsewhere. Blocking certain countries from your Web site will not work. May I suggest you check out

formatting link
you can see what I mean.

Charles Newman

You should have 135, 137, and 139 closed permanently, instead of just autoblock for 20 minutes, ditto for ports 1025 through 1029. Tiny Personal Firewall is set on my network to block all inbound requests on ports 1025 through 1029, both TCP and UDP.

Charles Newman

"Charles Newman" wrote in news: snipped-for-privacy@comcast.com:

A legitimate program called Radmin,

formatting link
uses that port

Wilykiote

On Tue, 21 Dec 2004 12:37:35 -0800, Charles Newman spoketh

There's been a steady flow of probes on this port for a few months, so it's hardly anyone from *anywhere* targeting you, Charles.

formatting link

Lars M. Hansen

formatting link
'badnews' with 'news' in e-mail address)

Lars M. Hansen

I've used Radmin on internal networks, but there is no reason to expose it outside your network or allow it inbound.

I have several rules set up in my firewall; when it detects a probe on 135 or 445 it will autoblock the IP for 20 minutes. I also do that for 1026 and 1027.

In addition to the above, since I'm in the USA and have little need for our website or email server to get traffic from outside the USA, I block about 20 subnets. Doing this is a great way to cut down on all sorts of unwanted traffic.

Leythos
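
An added example, not part of any poster's message: it parses the firewall log format quoted at the top of the thread, counts blocked probes per source and port, and models the 20-minute autoblock on ports 135, 445, 1026 and 1027 described in the post above. The function names are illustrative and the 203.0.113.7 entries are constructed sample data.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# First two entries are the ones quoted in the thread; the 203.0.113.7 entries
# are constructed (documentation address) to exercise the autoblock rule.
RULE = "Rule 'Block all traffic unless otherwise directed': Blocked: In"
SAMPLE_LOG = f"""\
1,[20/Dec/2004 22:37:06] {RULE} TCP, 212.62.119.52:30413->localhost:4899, Owner: no owner
1,[20/Dec/2004 22:37:12] {RULE} TCP, 212.62.119.52:30413->localhost:4899, Owner: no owner
1,[20/Dec/2004 22:40:00] {RULE} TCP, 203.0.113.7:1044->localhost:445, Owner: no owner
1,[20/Dec/2004 22:50:00] {RULE} UDP, 203.0.113.7:1045->localhost:1026, Owner: no owner
1,[20/Dec/2004 23:05:00] {RULE} TCP, 203.0.113.7:1046->localhost:135, Owner: no owner
not a firewall entry
"""

ENTRY = re.compile(
    r"\[(?P<ts>[^\]]+)\] Rule '(?P<rule>[^']*)': Blocked: In (?P<proto>TCP|UDP), "
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}):(?P<sport>\d+)->(?P<dst>[^:\s]+):(?P<dport>\d+)"
)
WATCHED_PORTS = {135, 445, 1026, 1027}   # ports named in the post above
BLOCK_FOR = timedelta(minutes=20)        # autoblock duration from the post

def parse_log(text):
    """Yield (time, proto, src_ip, dst_port) for each blocked inbound entry."""
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m:  # lines in any other shape are skipped, not guessed at
            ts = datetime.strptime(m["ts"], "%d/%b/%Y %H:%M:%S")
            yield ts, m["proto"], m["src"], int(m["dport"])

def probe_summary(events):
    """Count blocked probes per (source IP, destination port)."""
    return Counter((src, dport) for _, _, src, dport in events)

def autoblock_windows(events):
    """Return {src_ip: [(start, end), ...]}; a probe during an active block opens no new window."""
    windows = {}
    for ts, _, src, dport in sorted(events):
        if dport in WATCHED_PORTS:
            spans = windows.setdefault(src, [])
            if not spans or ts >= spans[-1][1]:
                spans.append((ts, ts + BLOCK_FOR))
    return windows

if __name__ == "__main__":
    events = list(parse_log(SAMPLE_LOG))
    print(probe_summary(events).most_common())
    print(autoblock_windows(events))
```

Port 4899 is not in the watched set, so the two entries from the original post show up in the summary but trigger no autoblock window.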

I block subnets so that I can be free of idiots and direct attacks. I've always known of and about proxies, so it's still doing what I want.

Leythos

Sorry, should have been more clear, they are blocked, but the block rule also allows me to block the IP for XX time when sensed.

Leythos
