Should I block ....

I was looking over last month's web logs, and noticed that an obscure and usually unpopular page had suddenly become one of my top 5 most requested pages. A little research found over 99% of the 10,000+ hits on the page were from one single host in the .ru domain.

I can't imagine why anyone from Russia would want to look at that page. I also can't understand what they're trying to do. There does not appear to be a hack attempt. They only requested the page just over 10,000 times. Actually they requested the pagename with a %20 appended to it, so all they got was a 404 error and really didn't consume much bandwidth. Therefore I don't think this was an attempt to knock me off the net.

Does anyone know what they might be up to? Should I have my firewall block them?

Thanks,

-Tom

Tom Cat
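
The pattern described in the post above (one client making nearly all requests for a single path, with a trailing %20 and only 404 responses) can be pulled out of an access log for triage before deciding on a firewall rule. This is an added example, not part of the original thread; it assumes common/combined log format, and the sample lines, addresses (documentation ranges), path names and thresholds are constructed.

```python
import re
from collections import Counter, defaultdict

# Common/combined log format: host ident user [time] "METHOD path PROTO" status size
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def dominant_clients(lines, min_hits=5, min_share=0.9):
    """Return paths where one client made >= min_share of >= min_hits requests."""
    per_path = defaultdict(Counter)   # path -> Counter of client hosts
    statuses = defaultdict(Counter)   # (path, host) -> Counter of status codes
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                  # skip malformed lines
        per_path[m["path"]][m["host"]] += 1
        statuses[(m["path"], m["host"])][m["status"]] += 1
    findings = []
    for path, hosts in per_path.items():
        total = sum(hosts.values())
        host, hits = hosts.most_common(1)[0]
        if total >= min_hits and hits / total >= min_share:
            findings.append({
                "path": path, "host": host, "hits": hits,
                "share": round(hits / total, 3),
                # Raw request path ends in an encoded space, as in the post
                "trailing_space": path.lower().endswith("%20"),
                # Every response to this client for this path was a 404
                "all_404": set(statuses[(path, host)]) == {"404"},
            })
    return sorted(findings, key=lambda f: f["hits"], reverse=True)

# Constructed sample: one client repeating a request for a mistyped path,
# plus a little ordinary traffic that should not be flagged.
SAMPLE = [
    f'203.0.113.7 - - [10/Mar/2024:04:{i:02d}:00 +0000] '
    f'"GET /obscure.html%20 HTTP/1.1" 404 209' for i in range(12)
] + [
    '198.51.100.4 - - [10/Mar/2024:05:00:00 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '198.51.100.9 - - [10/Mar/2024:05:01:00 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '192.0.2.33 - - [10/Mar/2024:05:02:00 +0000] "GET /obscure.html HTTP/1.1" 200 1830',
]

if __name__ == "__main__":
    for finding in dominant_clients(SAMPLE):
        print(finding)
```
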

Any address that is not part of your customer base or target market should be blocked. There is no reason to allow access to a web server for the entire world, unless your target is the entire world.

We block most Asian and eastern countries by default since we don't do any business with them - it's cut our chatter down by some 80% - we block entire subnets in foreign countries, which also cuts down on spam.

Leythos

Misconfigured 'wget' script, or a proxy server at a school where someone had put a note on the wall "For a good time, goto .time.html" [For non-US - there's an old joke about a small sign in a public phone kiosk with those words - and a phone number like '555-1234' which many phone companies here use for a talking clock reporting the correct local time.]

%20 is a space. Are you saying it's like "formatting link"? I'd be looking to see where they could be getting the hint that your page even exists - and if that _other_ page has the space error. Doing a google search may turn it up if the referral is not yours.

I'd _also_ look at your page name and see if it couldn't be being confused with some other site - as an example, your site being called 'foo.bar.baz.us' and these guys looking for 'foo.bar.baz.ua' or 'foo.bar.baz.su'.

That's up to you. Do you have any reason for or against serving pages to that TLD?

Old guy>

Moe Trin

"Tom Cat" ???????: snipped-for-privacy@g49g2000cwa.googlegroups.com...

Yes, you should block it.

smilemac

.....sigh

Here we go again. Trying to block certain users from accessing your Web pages is a waste of time. Such a filter can be circumvented using an open HTTP proxy server. May I suggest you check out:

formatting link

Masking your IP address is not that difficult to do, and anyone who knows how to configure their Web browser can use one of these proxies. As I have said before, I used one of these last year to circumvent Eurosport's restrictions on who could receive the audio streams of Olympic coverage. To Eurosport's servers, it looked as if I was coming in from the "allowed" area (UK, France, Italy, Germany, Spain) and they never had any idea that I was masking my IP with an open HTTP proxy server. As far as their servers were concerned, I was coming from Europe, and they had no idea I was really coming from the United States. In short, if you try to block from certain countries, you are just wasting your time and effort, as these measures can be circumvented by anyone using an open HTTP proxy server.

Charles Newman

Leythos, you live in a dream world.

-Frank

Frankster

Sure. I'm just happy for you that your customers know the IPs of their target market. They are lucky dudes, I'd say.

-Frank

Frankster

Nice comment - please elaborate on that.

Leythos

While we understand our target, it's just a base set of rules. While we don't do any business with Africa as an example, we block IPs designated as being in Africa, but that does not mean that businesses in Africa can't reach us through other means or through IPs not in those block lists.

As a simple example, we don't do business with anyone in China, and don't really need to, so we block all subnets we've been probed from that resolve to a China-based network/provider.

Leythos

In short, you don't really understand the reason for doing it. It has nothing to do with blocking people that use proxy addresses in other (unblocked) locations.

Limiting exposure is what security is about, it's a basic means of protection, it's also along the rule of allow only what is needed.

It's about security - and your method of helping people violate security policy in their offices would not have worked in any of our managed environments - as we pointed out when you were confronted then too.

Leythos
