|David Taveras||Feb 13, 2010 9:05 pm|
|David Taveras||Feb 13, 2010 9:15 pm|
|Jim Ohlstein||Feb 13, 2010 9:20 pm|
|CLIFFORD ILKAY||Feb 14, 2010 12:56 pm|
|Cliff Wells||Feb 14, 2010 4:35 pm|
|CLIFFORD ILKAY||Feb 14, 2010 5:45 pm|
|Todd Fisher||Feb 14, 2010 7:18 pm|
|CLIFFORD ILKAY||Feb 14, 2010 7:55 pm|
|Cliff Wells||Feb 14, 2010 9:39 pm|
|Cliff Wells||Feb 14, 2010 9:44 pm|
|CLIFFORD ILKAY||Feb 14, 2010 10:26 pm|
|Jim Ohlstein||Feb 15, 2010 6:27 am|
|Subject:||Re: GeoIP rewite rule?, redirect CHINA users to an error page.|
|From:||Jim Ohlstein (ji...@ohlste.in)|
|Date:||Feb 15, 2010 6:27:01 am|
On 2/15/10 1:26 AM, CLIFFORD ILKAY wrote:
On 02/15/2010 12:40 AM, Cliff Wells wrote:
Incidentally I'm not trying to lecture you, but I think this conversation is worth having in this public forum as there are many people who will read this at some future date, and without some counter-argument, they might be led into thinking this is a good solution to a security-related problem without considering all the implications first.
This was not done for reasons related to the security of the server. It was done purely to reduce the number of scam emails originating from the aforementioned TLDs to the advertisers of the goods on my client's web site. If the governments of the countries represented by those TLDs took Internet fraud and other Internet-related malfeasance more seriously and prosecuted the criminal gangs that are often behind these activities, then we wouldn't have to resort to such drastic measures.
While scam emails are a nuisance, and perhaps apropos of nothing, a great deal of the attempted credit card fraud that we see originates in the good old United States of America.
We use geographic blocking simply to block unprofitable or nuisance traffic. For instance, one of the issues we had with our proxies were requests from Iran consuming huge amounts of bandwidth. While I am sympathetic to the fact that internet access is restricted there, advertisers who pay our bills could care less. They don't pay much if anything for impressions in Iran. Another country created problems with excessive downloads of large files, again consuming bandwidth at what seemed like all hours. We didn't want to rate limit everyone because the issue was really with one country, so we used a redirect to a different domain. That domain *only* had traffic from that one country, and requests were rate limited after a couple of megabytes. This had the effect that smaller files were easy to download but large files went very s-l-o-w-l-y. Users quickly adapted their usage of our service.
For credit card processing, we pre-screen with MaxMind's paid service. I think it costs $0.004 per request. It's the best four-tenths of a cent I can imagine paying. Many if not most of the frauds never even get to our processor to decline.
We use none of this in "server security". For what it's worth, we see break in attempts from all corners of the globe. The Western Hemisphere is well represented.
-- Jim Ohlstein