[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <A876923A2C9CD44BA76505F58ECF089D0664D8@gandalf.optimum.bm>
Date: Wed, 20 Jan 2010 16:44:40 +0000
From: Tim Mullen <Thor@...merofgod.com>
To: Lawrence Pingree <ntpeck@...oo.com>
Cc: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: RE: All China, All The Time
If you can parse out XML, I'm sure you can script up something to "build" sets for IPTables. However, I don't know that IPTables has the ability to "group" the individual IP ranges into "sets" as opposed to simply putting them in as line-by-line rules.
That's the beauty of ISA/TMG/UAG - the xml files build individual sets comprised of IP ranges which you can apply by themselves to whatever protocols you wants to/from whatever network sources you want. But, regardless of the chosen platform, at least you can parse out the XML to get what you want.
The important fields are:
<fpc4:IPFrom dt:dt="string">66.227.2.137</fpc4:IPFrom>
<fpc4:IPTo dt:dt="string">66.227.2.144</fpc4:IPTo>
<fpc4:Name dt:dt="string">AL1122173577-1122173584</fpc4:Name>
Where IPFrom is the beginning IP of the range, IPTo is the ending IP of the range, and "Name" is a unique name for the range itself. I chose to have the same simply be the country code followed by the range so it could be immediately identified even if used outside of a set.
Hope that has some use for you.
t
-----Original Message-----
From: Lawrence Pingree [mailto:ntpeck@...oo.com]
Sent: Wednesday, January 20, 2010 8:29 AM
To: Tim Mullen
Cc: bugtraq@...urityfocus.com
Subject: Re: All China, All The Time
Hey thor,
I would love if you had something for IPtables to do this.
Best Regards,
Lawrence Pingree
On Jan 13, 2010, at 12:28 PM, "Thor (Hammer of God)" <thor@...merofgod.com> wrote:
With all the hubbub around China yet again, I would like to remind you of the utilities available at Hammer of God that allow one to completely block any or all traffic to or from China or any other country in the world via ISA/TMG.
As many of you know, I’ve been totally blocking China for years, mostly because I’m a Porcelain kind of guy. Oh, and the fact that the entire country’s network is a festering cesspool of scum and villainy.
Here’s an article I wrote about a 1.5 years ago on the subject if it has any relevance to you.
http://www.securityfocus.com/infocus/1900/1
如果您可以看到这一点,不回答 - 我不会得到它。
t
____________________
Timothy (Thor) Mullen
thor@...merofgod.com
www.hammerofgod.com
Powered by blists - more mailing lists