I am under a ddos attack and need to block country

Greycheetah
5 pts.
Tags:
Cisco ASA
DDOS
Firewalls
IP blocking
Web security
I have Cisco ASA Hardware Firewall and O don't see how to block either a bunch of IP addresses (thousands) or deny access to a whole country. Is it possible? Adding one IP at a time is not an option. Thanks
Asked: Last updated:
Related Questions

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hello Greycheetah,
You may use this site that gives you country based IP ranges.
Bye

Better site that provides the subnets and full IP ranges. Provides ACLS for Apache and other APPs but could quite easily be converted to cisco ACL’s

 

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Labnuke99
    A DDos attack is difficult to stop and it may actually be a reflected attack. Can you block the specific service that they are attacking?
    32,960 pointsBadges:
    report
  • Kevin Beaver
    I agree with Labnuke99 - try to limit who can access the service they're attacking. Also consider contacting your ISP to see if there's anything they can do (i.e. setup an ACL) to keep the traffic from ever getting to your network in the first place.
    25,765 pointsBadges:
    report
  • dwulff
    Too many iptable rules in your firewall can create memory & CPU overhead loads for each new connection and impact latency. I found TechGuard makes an in-line appliance (IPV4/IPV6 compatible) that works w/ other firewalls and routers that allows for blanket policies (like country blocking) but still granular control (i.e. allow specific IP addresses for a corporate office in China as an exception, or blocking specific IP addresses for countries you want open to your network). Again, this would be for a company operating their own servers, in a network that can support an in-line appliance built to block IP addresses by country.
    30 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: