This will be brief for now but as many will know today in the news about the recent China scare via the internet http://www.timesonline.co.uk/tol/news/uk/article5993156.ece what does one do to protect ourselves from this?

Well its easy to start with and involves blocking all China's internet space either via a htaccess file if you run servers or you can do it via the firewall and IP blockers like PeerGuardian.

I'm doing it via Peerguardian but might chane to Protowall which blocks more protocols.

Ok what this will do is stop ALL Chinese traffic from connecting to your machine and this incl good traffic from the region but this is the price they have to pay for being so lax in their management of the cyberspace.

The lists can be downloaded from various sources but this one seems the best thus far for me http://www.okean.com/antispam/sinokorea.html

Korea is also incl in that list. To get these into something like Peerguardian you need to download bluetacks blocklist manager which is located in the downloads section http://www.bluetack.co.uk/

You have to than tinker about with copy + paste of the list from oKean and than load it into BLM and than convert that to PG format which will than run up with your machine and block the filth.

I will go over this in much more detail tommorow .. infact I will incl all this on my blog in extensive detail and may post a copy from that to here as it will be more comprehensive instead writing it twice alongwith more information to help your security and other lists such as a Nigerian and Russian list that incl known and proven scum ranges from those nations.

I'll cover a program that lists and blocks bad domains in your hosts file aswell.

At the end of the day we are living in a very dangerous time and the internet isnt policed like what we're used to albeit policing systems exist but its much dependant on the nations whom are over that particular cyberspace.

All the tools I mentioned are FREEWARE too and from trusted sources.

Let me know your thoughts, experiences on issues like this.

Here's my thread on the Chinese blocklist and what you need, how to use them and the actual list with all of China's & Korea's cyberspace IP range > http://itsamixturereally.blogspot.com/2009/03/recent-chinese-cyber-hack-and-what-you.html

Let me also say that this DOES NOT gurantee someone from China or Korea will not be able to get into your system\s because if they manage to get into another system such as for example one located in the USA and than attack you from that location, you could still be damaged unless your other protection holds up such as firewall, anti vius etc but the IP blacklist wouldnt help because the attack would originate from outside the nations in the list.

This is the PROBLEM and has been talked about allot, however if large networks and backbones to the internet infrastructure implemented such blacklists it would work more effective at hitting the countries on it because at some stage the connection has to leave the compromised machine in the USA and get back to China\Korea and its on this departure it would be blocked by the blacklist but at what point on its journey is unclear and the damage possibly already done.

I will say this ... useing these lists isnt a waste of time and WILL protect you from unknown bad stuff out in the wild of cyberspace from the region that has not been picked up and is going from the source ... often this could be a website hosted from China which has bad scripts and contains various code that will infect your machine once clicked on ... of course the trouble would be that you would never have known this because you may not have known it was a bad site from the source of one of the blacklists and found it via a search on google for the lastest review on joe bloggs ... so yeah it works and is important.

If you do get blocks useing it than note the IP and look it up and see what company its in. Also let me know and I will do a search on it.

We need to start protecting ourselves more on the internet as terrorists are useing it more and use Amercia's own hosts for their perch to send out evil and yet America declares war on terror! Its a damn shame the net isnt as well policed but its getting better.

Finally, going back to the blacklists ... I'm working closely with a commercial company on developing a blacklist which will incl the USA's worst domains, hosts, compromised unsecure networks and ISP's and place them into various formats for third parties to use.

This would than be additional armour to the Chinese + Korean lists as the machines they often compromise are on such networks in the USA and blocking access to them means you block access to the hackers from across the globe which than means the US companies start to lose money from traffic decrease which than starts them searching for answers, than they see security has been shit and they have had blinkers on and the security gets better and people start comming back ... the foreign pain in the ass stops messing with them and less systems are compromised.