On 2/27/07, David Bolt <[EMAIL PROTECTED]> wrote:
On Tue, 27 Feb 2007, Matthew Stringer <[EMAIL PROTECTED]> wrote:-
>Is it possible to configure IPTables to only allow connections from a
>particular country?
In a round-about way, yes.
>Is there an online list of all the subnets used in each country?
Have you looked at the RIPE FTP server? They have a complete list of all
allocations of the space they allocate[0], which country it's allocated
to, and the list is updated on a daily basis. You can find a copy of it
here:
<URL:ftp://ftp.ripe.net/pub/stats/ripencc/delegated-ripencc-latest>
>I have a webserver which I only want UK residents accessing but I've not been
>able to determine a complete list of IP's
I'm curious as to why you'd only want it accessible by UK residents,
rather than everyone. Also, any reason why you couldn't just use
.htaccess to password-protect the pages? Much easier, unless you want to
make it appear that there is no server running.
I would not bother doing this. I've bumped into quite a number of such
services limited to some country IP addresses. To my money it does not
worth the time spent on such protection. Immediately you'll find
another services that suggest "anonymizing proxy" with addresses from
that specific country.
I've also seen another type of "country related) protection: one site
requests username and password, that are actually the answer to some
quiz. The question itself is very simple for the "natives" of this
country, like the names of the characters from kids cartoons. They
also change it from time to time. But it is written using some native
encoding in such a way that normal browsers display it in the message
box as "abracadabra" and only "localized" version of M$ browser can
display it properly...
Still this is easily breakable. Using text mode browser in Linux (like
lynx or w3m) it is possible to store the "quiz" message box to text
file and then decode it using e.g. Kate.
What a luck that it is not applicable to English-speaking countries :-)
--
Mark Goldstein
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
