GeoIP Blocking, A Controversial But (Sometimes) Effective Approach

Presented at DEF CON 13 (2005), July 31, 2005, 2 p.m. (50 minutes)

What if I told you, than in a few minutes and at no extra cost, you could be blocking up to 30% of  all malware headed for your network?  Sound to good to be true? Well it doesn't work for everyone and there are a lot of caveats, but it can be an effective way to eliminate a large portion of the malicious traffic aimed at your network. In this talk we will cover why you would want to GeoIP block and why it might not be a good choice for you. We will then get into the mechanics with actual IP blocks given and strategies for both full and limited GeoIP blocking. You have nothing to lose and may gain a valuable tool in your network security arsenal.

Presenters:

• Tony Howlett - President, Network Security Services, Inc.
  Tony Howlett is President of Network Security Services, Inc. He was previously founder and CTO of InfoHighway Communications Corp., a leading ISP and CLEC. He is a frequent speaker and writer on security, the Internet and technology. His articles have appears in SysAdmin, Security Administrator, Windows Web Solutions, Windows IT Pro, Texas Computing and Computer Currents magazines. He is also author of "Open Source Security Tools" published by Addison Westley in 2004. Type "Tony Howlett" into Google to get additional references.

Links:

• https://defcon.org/html/defcon-13/dc13-speakers.html#Howlett
• https://www.youtube.com/watch?v=wV6S-grHF3E

Similar Presentations:

• BruCON 0x09 (2017) / Jedi's trick to convince your boss and colleagues Workshop
• DEF CON 30 (2022) / How Russia is trying to block Tor
• DEF CON 24 (2016) / So You Think You Want To Be a Penetration Tester