topic Re: IP Blocking by Country? in Network Security https://community.cisco.com/t5/network-security/ip-blocking-by-country/m-p/957880#M940062 <HTML><HEAD></HEAD><BODY><P>Chuck-</P><P></P><P>I have never found a really good way to block by Country, so I try and maintain a list. I send the network to null0 so it doesn't affect performance too much. Here are some resources that may help.</P><P></P><P>Bogon List</P><P><A class="jive-link-custom" href="http://www.cymru.com/Documents/bogon-dd.html" target="_blank">http://www.cymru.com/Documents/bogon-dd.html</A></P><P></P><P>ACL for DIACAP</P><P><A class="jive-link-custom" href="http://kb.packetpros.com/?View=entry&amp;EntryID=10" target="_blank">http://kb.packetpros.com/?View=entry&amp;EntryID=10</A></P><P></P><P>A site I used for building my list</P><P><A class="jive-link-custom" href="http://www.unixhub.com/block.html" target="_blank">http://www.unixhub.com/block.html</A></P><P></P><P>My list w/o Bogons</P><P>ip route 219.0.0.0 255.0.0.0 null0</P><P>ip route 22255.255.255.255 255.0.0.0 null0</P><P>ip route 221.0.0.0 255.0.0.0 null0</P><P>ip route 21255.255.255.255 255.0.0.0 null0</P><P>ip route 211.0.0.0 255.0.0.0 null0</P><P>ip route 20255.255.255.255 255.0.0.0 null0</P><P>ip route 209.67.38.99 255.255.255.255 null0</P><P>ip route 204.178.112.170 255.255.255.255 null0</P><P>ip route 205.138.3.62 255.255.255.255 null0</P><P>ip route 199.95.207.0 255.255.255.0 null0</P><P>ip route 199.95.208.0 255.255.255.0 null0</P><P>ip route 216.52.13.39 255.255.255.255 null0</P><P>ip route 216.52.13.23 255.255.255.255 null0</P><P>ip route 207.79.74.222 255.255.255.255 null0</P><P>ip route 209.122.130.0 255.255.255.0 null0</P><P>ip route 207.134.171.0 255.255.255.0 null0</P><P>ip route 62.253.164.0 255.255.255.0 null0</P><P>ip route 155.247.210.0 255.255.255.0 null0</P><P>ip route 61.77.78.0 255.255.255.0 null0</P><P>ip route 200.42.0.0 255.255.255.0 null0</P><P>ip route 193.252.19.0 255.255.255.0 null0</P><P>ip route 193.110.136.0 255.255.255.0 null0</P><P>ip route 67.96.136.0 255.255.255.0 null0</P><P>ip route 61.11.48.0 255.255.255.0 null0</P><P>ip route 209.63.68.0 255.255.255.0 null0</P><P>ip route 216.191.203.0 255.255.255.0 null0</P><P>ip route 209.125.37.0 255.255.255.0 null0</P><P>ip route 66.70.14.0 255.255.255.0 null0</P><P>ip route 64.80.217.0 255.255.255.0 null0</P><P>ip route 64.80.218.0 255.255.255.0 null0</P><P>ip route 202.108.44.0 255.255.255.0 null0</P><P>ip route 209.73.162.0 255.255.255.0 null0</P><P>ip route 66.7.131.0 255.255.255.0 null0</P><P>ip route 216.32.64.0 255.255.255.0 null0</P><P>ip route 168.95.4.0 255.255.255.0 null0</P><P>ip route 163.32.96.0 255.255.255.0 null0</P><P>ip route 207.253.100.0 255.255.255.0 null0</P><P>ip route 203.251.180.0 255.255.255.0 null0</P><P>ip route 195.53.182.0 255.255.255.0 null0</P><P>ip route 207.79.74.0 255.255.255.0 null0</P><P>ip route 200.212.99.0 255.255.255.0 null0</P><P>ip route 64.28.74.0 255.255.255.0 null0</P><P>ip route 210.145.137.0 255.255.255.0 null0</P><P>ip route 209.185.149.0 255.255.255.0 null0</P><P>ip route 216.33.104.0 255.255.255.0 null0</P><P>ip route 209.183.236.0 255.255.255.0 null0</P><P>ip route 202.219.52.0 255.255.255.0 null0</P><P>ip route 63.20.240.0 255.255.255.0 null0</P><P>ip route 210.123.152.0 255.255.255.0 null0</P><P>ip route 200.241.80.0 255.255.255.0 null0</P><P>ip route 194.21.74.0 255.255.255.0 null0</P><P>ip route 210.59.228.0 255.255.255.0 null0</P><P>ip route 150.57.60.0 255.255.255.0 null0</P><P>ip route 64.28.75.0 255.255.255.0 null0</P><P>ip route 209.121.135.0 255.255.255.0 null0</P><P>ip route 212.210.15.0 255.255.255.0 null0</P><P>ip route 216.35.159.0 255.255.255.0 null0</P><P>ip route 210.59.144.0 255.255.255.0 null0</P><P>ip route 192.106.88.0 255.255.255.0 null0</P><P>ip route 211.20.142.0 255.255.255.0 null0</P><P>ip route 202.96.194.0 255.255.255.0 null0</P><P>ip route 216.251.232.0 255.255.255.0 null0</P><P>ip route 202.242.18.0 255.255.255.0 null0</P><P>ip route 202.166.255.0 255.255.255.0 null0</P><P>ip route 206.190.171.0 255.255.255.0 null0</P><P>ip route 64.71.132.0 255.255.255.0 null0</P><P>ip route 64.1.242.0 255.255.255.0 null0</P><P>ip route 216.233.51.0 255.255.255.0 null0</P><P>ip route 216.233.69.0 255.255.255.0 null0</P><P>ip route 206.130.106.0 255.255.255.0 null0</P><P></P><P>HTH</P></BODY></HTML> Tue, 01 Apr 2008 13:36:49 GMT Collin Clark 2008-04-01T13:36:49Z IP Blocking by Country? https://community.cisco.com/t5/network-security/ip-blocking-by-country/m-p/957879#M940061 <P>We are considering a strategy of blacklisting or whitelisting IP by country. </P><P></P><P>Some questions:</P><P></P><P>1) Is there an easier method than adding lots of IP ranges (i.e. just specify a country)</P><P></P><P>2) What would be the performance considerations? i.e. how big of a list of IP ranges has to get before it starts to impact network throughput beyond neglible.</P><P></P><P>3) Are there better ways of achieving this objective, such as blocks at our ISP (AT&amp;T) level, or specialized network appliances? </P><P></P><P>thanks for your answers in advance</P><P></P><P></P> Mon, 11 Mar 2019 12:24:57 GMT https://community.cisco.com/t5/network-security/ip-blocking-by-country/m-p/957879#M940061 chuck.beach 2019-03-11T12:24:57Z Re: IP Blocking by Country? https://community.cisco.com/t5/network-security/ip-blocking-by-country/m-p/957880#M940062 <HTML><HEAD></HEAD><BODY><P>Chuck-</P><P></P><P>I have never found a really good way to block by Country, so I try and maintain a list. I send the network to null0 so it doesn't affect performance too much. Here are some resources that may help.</P><P></P><P>Bogon List</P><P><A class="jive-link-custom" href="http://www.cymru.com/Documents/bogon-dd.html" target="_blank">http://www.cymru.com/Documents/bogon-dd.html</A></P><P></P><P>ACL for DIACAP</P><P><A class="jive-link-custom" href="http://kb.packetpros.com/?View=entry&amp;EntryID=10" target="_blank">http://kb.packetpros.com/?View=entry&amp;EntryID=10</A></P><P></P><P>A site I used for building my list</P><P><A class="jive-link-custom" href="http://www.unixhub.com/block.html" target="_blank">http://www.unixhub.com/block.html</A></P><P></P><P>My list w/o Bogons</P><P>ip route 219.0.0.0 255.0.0.0 null0</P><P>ip route 22255.255.255.255 255.0.0.0 null0</P><P>ip route 221.0.0.0 255.0.0.0 null0</P><P>ip route 21255.255.255.255 255.0.0.0 null0</P><P>ip route 211.0.0.0 255.0.0.0 null0</P><P>ip route 20255.255.255.255 255.0.0.0 null0</P><P>ip route 209.67.38.99 255.255.255.255 null0</P><P>ip route 204.178.112.170 255.255.255.255 null0</P><P>ip route 205.138.3.62 255.255.255.255 null0</P><P>ip route 199.95.207.0 255.255.255.0 null0</P><P>ip route 199.95.208.0 255.255.255.0 null0</P><P>ip route 216.52.13.39 255.255.255.255 null0</P><P>ip route 216.52.13.23 255.255.255.255 null0</P><P>ip route 207.79.74.222 255.255.255.255 null0</P><P>ip route 209.122.130.0 255.255.255.0 null0</P><P>ip route 207.134.171.0 255.255.255.0 null0</P><P>ip route 62.253.164.0 255.255.255.0 null0</P><P>ip route 155.247.210.0 255.255.255.0 null0</P><P>ip route 61.77.78.0 255.255.255.0 null0</P><P>ip route 200.42.0.0 255.255.255.0 null0</P><P>ip route 193.252.19.0 255.255.255.0 null0</P><P>ip route 193.110.136.0 255.255.255.0 null0</P><P>ip route 67.96.136.0 255.255.255.0 null0</P><P>ip route 61.11.48.0 255.255.255.0 null0</P><P>ip route 209.63.68.0 255.255.255.0 null0</P><P>ip route 216.191.203.0 255.255.255.0 null0</P><P>ip route 209.125.37.0 255.255.255.0 null0</P><P>ip route 66.70.14.0 255.255.255.0 null0</P><P>ip route 64.80.217.0 255.255.255.0 null0</P><P>ip route 64.80.218.0 255.255.255.0 null0</P><P>ip route 202.108.44.0 255.255.255.0 null0</P><P>ip route 209.73.162.0 255.255.255.0 null0</P><P>ip route 66.7.131.0 255.255.255.0 null0</P><P>ip route 216.32.64.0 255.255.255.0 null0</P><P>ip route 168.95.4.0 255.255.255.0 null0</P><P>ip route 163.32.96.0 255.255.255.0 null0</P><P>ip route 207.253.100.0 255.255.255.0 null0</P><P>ip route 203.251.180.0 255.255.255.0 null0</P><P>ip route 195.53.182.0 255.255.255.0 null0</P><P>ip route 207.79.74.0 255.255.255.0 null0</P><P>ip route 200.212.99.0 255.255.255.0 null0</P><P>ip route 64.28.74.0 255.255.255.0 null0</P><P>ip route 210.145.137.0 255.255.255.0 null0</P><P>ip route 209.185.149.0 255.255.255.0 null0</P><P>ip route 216.33.104.0 255.255.255.0 null0</P><P>ip route 209.183.236.0 255.255.255.0 null0</P><P>ip route 202.219.52.0 255.255.255.0 null0</P><P>ip route 63.20.240.0 255.255.255.0 null0</P><P>ip route 210.123.152.0 255.255.255.0 null0</P><P>ip route 200.241.80.0 255.255.255.0 null0</P><P>ip route 194.21.74.0 255.255.255.0 null0</P><P>ip route 210.59.228.0 255.255.255.0 null0</P><P>ip route 150.57.60.0 255.255.255.0 null0</P><P>ip route 64.28.75.0 255.255.255.0 null0</P><P>ip route 209.121.135.0 255.255.255.0 null0</P><P>ip route 212.210.15.0 255.255.255.0 null0</P><P>ip route 216.35.159.0 255.255.255.0 null0</P><P>ip route 210.59.144.0 255.255.255.0 null0</P><P>ip route 192.106.88.0 255.255.255.0 null0</P><P>ip route 211.20.142.0 255.255.255.0 null0</P><P>ip route 202.96.194.0 255.255.255.0 null0</P><P>ip route 216.251.232.0 255.255.255.0 null0</P><P>ip route 202.242.18.0 255.255.255.0 null0</P><P>ip route 202.166.255.0 255.255.255.0 null0</P><P>ip route 206.190.171.0 255.255.255.0 null0</P><P>ip route 64.71.132.0 255.255.255.0 null0</P><P>ip route 64.1.242.0 255.255.255.0 null0</P><P>ip route 216.233.51.0 255.255.255.0 null0</P><P>ip route 216.233.69.0 255.255.255.0 null0</P><P>ip route 206.130.106.0 255.255.255.0 null0</P><P></P><P>HTH</P></BODY></HTML> Tue, 01 Apr 2008 13:36:49 GMT https://community.cisco.com/t5/network-security/ip-blocking-by-country/m-p/957880#M940062 Collin Clark 2008-04-01T13:36:49Z