On Wednesday, 4 October 2017 23:49:30 BST mad.scientist.at.la...@tutanota.com wrote: > I have to disagree with the last post. You should most certainly block some > inbound traffic. you should block ports you aren't using. If some ip > addr. or particular provider have a customer trying to break your' machine > you want to block the whole isp unless you are serving pages etc. you > should block the router solicitation and block any other routers > advertising them. i usually also block ping both ways. Every major > program is full of bugs, you want to try to limit the access of others to > the least amount possible consistent with the net software you are > running. > > Long ago i had all of china blocked, because i wasn't visiting sites there > and it was where most of the attacks came from. When you have a "slow" or > very busy connection to the net the incursion atempts.
There are a few problems with this approach: As it has already been mentioned, the Chinese, Ukrainian, et al. IP address blocks change on an hourly basis. With spammers using DNS forwarding you will need to start blocking US, Netherlands, etc. based ISPs, CDNs and cloud hosters. However, you may still want to receive some of these hosters content - non-malicious and non-advert related web pages. Some web page scripts rely on acknowledgment/interaction with servers proxied on some of the addresses you could have blocked. As a result web pages hang and never complete loading, forms are broken, clicking on buttons do not yield a result. In other words, you could break the interwebs and your browsing experience along with it. > While not security related directly, i also like to ban the ip addr of ad > bots, i suspect that when they change their' domain name or buy a new one, > that the ad company doesn't get a new ip addr range. Nope, the IP addresses of these change too. They are cloud hosted too, geographically dispersed, load balanced and change all the time. > this are the servers > that are most overloaded and slowest, slowing down page loads. You could > even consider that this slowness from ad servers produces a DOS, assuming > you don't want the information and didn't ask for it. now i just try to > block the obnoxious advertisers, the people who at 3 AM will shove audio to > you that's louder than the music you were/are playing. -- > "Informed delivery" is just an excuse for the post office to compile data > basses for sale to marketing firms and those even less reputable, it is a > gross abuse of the postal systems special access to our lives. If blocking this kind of content is for web browsing purposes only, blocking adverts can be quite effectively achieved by using browser add ons like 'Ublock Origin'. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
