Posted on

COVID-19 Isn’t the only virus coming out of China

Press Release: March 24, 2020.

Coronavirus has been in the news since January. The virus, allegedly originating out of China, has caused a global pandemic. But COVID-19 is not the only virus originating out of China.

During the past two weeks Country IP Blocks has been monitoring large scale cyber attacks also allegedly originating from China. These attacks are centered around compromising email servers, so large-scale influxes of Ransomware and other virus, trojans, etc., can be released into the wild. The attacks are also looking for server vulnerabilities so malicious files can be stored on your servers.

Country IP blocks is issuing the following alert: If you are not doing business in or with China at this time, we recommend that you quarantine your network and systems by blocking all cyber traffic from China for a limited time. If you are doing business with China, we recommend you take steps to carefully examine all cyber traffic from China.

We realize this is an unprecedented step, but the danger is great. As a courtesy, we are releasing a free, aggregated list, in CIDR format, of all China networks. This ACL is available for download at https://www.countryipblocks.net/downloads/china_aggregated.txt.

This ACL list may be used in your hardware or software firewalls until further notice.

Posted on

Aggregating IP Networks for More Efficient Access Control Lists

When it comes to network security and specifically the use of Access Control Lists, Network Managers, IT Managers and those managing inbound access can have their hands full when they create ACLs containing large amounts of data. For example, if you created an ACL to allow only the US and Canada the list may contain close to 80,000 networks. This requires 80,000 lines in your ACL.

Large ACLs may become unruly, cumbersome and difficult to manage. They also can be a drain on hardware and software resources, taxing memory while overloading some firewalls. Aggregation is the solution.

Aggregating these IP ranges offers an excellent remedy to this problem. Aggregation is an excellent solution to reducing the size of large Access Control Lists.

Network Aggregation is not a summary of networks within your ACL. Network Aggregation is a method used to consolidate your Access Control Lists. It accomplishes this by combining contiguous networks within your Access Control Lists into as many larger network ranges as possible. After consolidation, the result is then converted into valid IP networks.

For example, if you had the following two networks: 192.168.0.0/24 and 192.168.1.0/24 you could aggregate them and the result would be 192.168.0.0/23.

Aggregating the US and Canadian networks currently reduces the size of your Access Control Lists by 71%, while still maintaining the exact same number of IP addresses.

Another excellent example of the power of aggregation is the networks assigned to Italy. As of today, April 10, 2019, Italy has 171,995 networks assigned (more if you look at network reassignments and further subnetting). Imagine working with an Access Control List containing this many lines. If you aggregate these networks you can reduce the size of your ACL by 96.9% or to 5,325 lines. An incredible improvement.

Currently, Country IP Blocks includes our Aggregation Module with new license purchases.

Make your network security more efficient by using aggregation.