The problem we run into is that those same folks that are attacking our equipment are attacking the equipment behind our routers.
It is comparatively simple to secure our routers, not quite as easy to secure everything behind them, stuff that isn't ours. ----- Original Message ----- From: Sean Heskett To: [email protected] Sent: Friday, May 08, 2015 3:33 PM Subject: Re: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik Plus whenever the net neutrality rules kick in it'll be illegal. Shouldn't be necessary if you have your firewalls setup correctly. 2 cents -Sean On Friday, May 8, 2015, Paul Stewart <[email protected]> wrote: Ouch… are you sure you want to do that? I wouldn’t ever tell someone how to run their company or network but you are just hiding in my opinion from the problems you are possibly having. What about Romania for example? I’ve seen a few ISP’s block whole countries and it wasn’t pretty…. People couldn’t email relatives in those countries, couldn’t pull up websites, companies/business customers couldn’t conduct business etc etc…. Just a thought J Paul From: Af [mailto:[email protected]] On Behalf Of Michael Gawlowski Sent: Friday, May 8, 2015 3:25 PM To: [email protected] Subject: [AFMUG] Dropping Chinese & Korean IP's in Mikrotik I have a blocklist of IP’s and CIDR ranges that I would like to add in my mikrotik 1100’s and 2011’s. Two questions: 1) What is the best way to add these without doing one address or subnet at a time? 2) Will there be a significant impact on router performance from adding so many rules in the firewall filter? Most of these routers are expected to handle about 50-150Mbps depending on the model and location. Thank you, Mike Gawlowski Triad Wireless, LLC 4226 S. 37th ST Phoenix, AZ 85040 (602)-426-0542 Triadwireless.net
