Skeptical.me
Very Senior Member
You block ALL of those countries? Does that ever cause issues?
Skynet Show Country Names instead of Codes?
- Thread starter TheLyppardMan
- Start date
Viktor Jaep
Part of the Furniture
I've been blocking these for years with zero ill effects...
Code:
sh /jffs/scripts/firewall ban country "ru cn kp ir iq sa ae pk af az ba bg hr cu cz eg ee ge va hu id in il kz kw kg lv md om qa ro rs sk si sy tr ua uz"
SomeWhereOverTheRainBow
Part of the Furniture
here is mine,
Code:
sh /jffs/scripts/firewall ban country "af bd br cn hk hu id il in iq ir kp kr no pk pl ro ru sa th tr ua gb"
BreakingDad
Very Senior Member
Almost never, the occasional website that I actually want to see get's blocked, but I just whitelist it, or find another website with the same info. It is very very rare though.
Why do you block so many countries?
Viktor Jaep
Part of the Furniture
You have to ask yourself... is there any good or valid reason for any of your devices on your home network to be directly transmitting data to servers (or individuals) in North Korea? Russia? China? Iran? Iraq? The list just goes on... You would be surprised by the number of outbound blocks coming from my kids cellphones trying to reach services in banned countries, and wish I had time to dive further into which apps/services are making these calls. But who wants to uninstall TikTok, right??
BreakingDad
Very Senior Member
Mainly what @Viktor Jaep just said, that and I have zero reason to connect to any of those countries and they (should) have zero reason to connect to me. It makes pretty much no difference to our internet experience, everything we need connects and works fine, while mitigating potential suspicious activity from the blacklisted countries.
Tech9
Part of the Furniture
So, you guys have decided to apply your own political, religious and even racial believes on your family members because some governments apply their own political, religious and racial believes on their citizens? This is an interesting strategy. If your decision is based on hackers per country, you have to follow a list like this one:
cyware.com
You have blocked major Internet hubs and support centers for no good reason, hundreds of popular companies and services, and whoever wants to hack you has a very easy workaround using a proxy in another country you perceive as friendly. My opinion hasn't changed - you only limit yourselves.
What's wrong with people living in Iran and Iraq? If government officials or extremists want to launch a cyber attack they'll do it from a server in different country or from a different country physically. For sure, don't have any doubts. I was recently trying to help a guy from Pakistan. I've heard bad things about this country, honestly. Perhaps I had to tell him straight to f**k off? Do you run Asuswrt-Merlin and Entware? Who's Entware maintainer? You perhaps have to stop for consistency. When it's about benefits - yeah, keep updates and new packages coming! What's wrong with you?
Top 10 Countries with most hackers in the world | Cyware Hacker News
Best Hackers in the World – Following are the top 10 countries with most cyber criminals that have expertise in hacking: China, USA, Turkey, Russia, Taiwan, Brazil, Romania, India, Italy and Hungary. Read More about these best hackers!
cyware.com
You have blocked major Internet hubs and support centers for no good reason, hundreds of popular companies and services, and whoever wants to hack you has a very easy workaround using a proxy in another country you perceive as friendly. My opinion hasn't changed - you only limit yourselves.
What's wrong with people living in Iran and Iraq? If government officials or extremists want to launch a cyber attack they'll do it from a server in different country or from a different country physically. For sure, don't have any doubts. I was recently trying to help a guy from Pakistan. I've heard bad things about this country, honestly. Perhaps I had to tell him straight to f**k off? Do you run Asuswrt-Merlin and Entware? Who's Entware maintainer? You perhaps have to stop for consistency. When it's about benefits - yeah, keep updates and new packages coming! What's wrong with you?
Last edited:
Smokey613
Very Senior Member
My thoughts exactly……
Viktor Jaep
Part of the Furniture
Nothing against any of the citizens living in any of these countries... believe me. But I don't need to communicate with them... and they certainly don't need to be communicating with us on our own home network. If they desperately want to communicate, there's other ways.So, you guys have decided to apply your own political, religious and even racial believes on your family members because some governments apply their own political, religious and racial believes on their citizens? This is an interesting strategy. If your decision is based on hackers per country, you have to follow a list like this one:
Top 10 Countries with most hackers in the world | Cyware Hacker News
Best Hackers in the World – Following are the top 10 countries with most cyber criminals that have expertise in hacking: China, USA, Turkey, Russia, Taiwan, Brazil, Romania, India, Italy and Hungary. Read More about these best hackers!
You have blocked major Internet hubs and support centers for no good reason, hundreds of popular companies and services, and whoever wants to hack you has a very easy workaround using a proxy in another country you perceive as friendly. My opinion hasn't changed - you only limit yourselves.
What's wrong with people living in Iran and Iraq? If government officials or extremists want to launch a cyber attack they'll do it from a server in different country or from a different country physically. For sure, don't have any doubts. I was recently trying to help a guy from Pakistan. I've heard bad things about this country, honestly. Perhaps I had to tell him straight to f**k off? Do you run Asuswrt-Merlin and Entware? Who's Entware maintainer? You perhaps have to stop for consistency. When it's about benefits - yeah, keep updates and new packages coming! What's wrong with you?
But I do have something against nation-state hackers who might be using their own country's infrastructure for C&C purposes, but like you said they could very easily be launching attacks from our own soil. I'm sure it's pretty likely in this case.
I also have something against ransomware and crime gangs who also, though not as sophisticated as a nation-state, may also be utilizing their own "protected" infrastructure to launch or instigate attacks. Attackers like these may shield themselves behind the veil of their nation-state, making it practically impossible for the FBI/CIA or other such authority to press charges and go after the criminals.
Country blocks will shave off a nice slice of that risk pie, but isn't a cure-all. My hope is that if we do get hit with some kind of malware, or some sneaky app or roomba vaccuum appliance is trying to exfiltrate our data, that this method will stop it in its tracks. It may work for some attacks, but not for others. That's all.
Tech9
Part of the Furniture
Why did you decide Russia, Iran, Iraq and... the list just goes on including bunch of EU and other European countries, Israel, middle East, central Asia etc... have something against you when your own country is No.2 in the hackers list? Obviously that's not all - not only hacking possibility precautions, but something else involved as well. You have to take down some of your scripts because they use Russian software. You can't take something from those people and block them at the same time because they are presumably bad guys. Do you own any products Made in China with network connectivity?
L&LD
Part of the Furniture
The usual suspect is on the wrong track again.
The point is to minimize the attack surface, while still getting valuable benefits while online.
Nothing political here. No religion either. Or racial. Strawman arguments (again).
What the tool allows us to do is decide who we connect to (and are allowed to be connected from). To the best of our current ability.
Some just like to argue because they think they're good at it.
Done.
The point is to minimize the attack surface, while still getting valuable benefits while online.
Nothing political here. No religion either. Or racial. Strawman arguments (again).
What the tool allows us to do is decide who we connect to (and are allowed to be connected from). To the best of our current ability.
Some just like to argue because they think they're good at it.
Done.
Viktor Jaep
Part of the Furniture
Russia is waging cyberwar on the Ukraine and other western nations that ally with them as we speak, if you haven't noticed. Russian nation-state hackers and mobsters tend not to attack their own. Eastern Bloc countries have a notorious problem for cyber crime rings. Israel is a haven for nation state hacking, not only against the US but other countries as well, such as Iran and Iraq. Each of these countries have sophisticated hackers as well that are targeting the western world. North Korea, surprisingly, being such a tiny hermit state, has shown some surprisingly damaging hacking capabilities.
I'm sure the US is #2 on the hackers list, however, if I apply a country block on the US, it effectively turns off my ability to use the websites and services within the country that I need to use for work, entertainment, etc... I'm certain foreign hackers are going to use the US as a launching pad for their attacks, but that's a risk I'll just need to live with.
You are making it sounds like the entire US is blocking these countries and "these people" from communicating with me... and creating such a hardship for everyone over there. Well, that's not the case. It's just me. My lowly little DHCP WAN address that changes on a periodic basis. They are welcome to email me. They are welcome to compile their Entware binaries and share them with the world. They are welcome to download my scripts to help secure their environments a little more. My surrounding neighbors have no problems letting potentially malicious Russian, Chinese or North Korean traffic flow across their home network. It's just not for me.
Tech9
Part of the Furniture
Viktor, we agree on many things, but I don't agree on censorship. You apply censorship on your family members. It's not just you on this network and it's not based on hacker activities only. You block access to countries you personally don't like for various reasons cutting off alternative information sources as well. This doesn't increase your security because of the way firewall works. You're not stopping anyone reaching you if they want to, but stopping your network users reaching big part of Internet. I don't block any countries and I never had any issues. How can you explain that? I also have family and kids. What you did is similar to extreme Parental Controls including on your wife. Your choice, but my reaction was a result of your rhetoric questions if we want to see data from specific servers. This forum is open to Internet and we have members from the countries you have listed. It's offensive to people who have no intentions to do any harm, but happens to live in those countries. You shared your list before and I said nothing. The explanation is the issue I see.
Anyway, we have to disagree on something.
This is the case, most likely:
Skynet - Is default firewall good enough?
Sorry if this has been asked before, I just wanted opinions. Do you think the default AX86U firewall, combined with the usual windows firewall is good enough, and is there any real advantage in using Skynet? We also all have malwarebytes premium installed, trendnet on and adguard with all...
www.snbforums.com
Last edited:
Viktor Jaep
Part of the Furniture
So be it. Agree to disagree.Anyway, we have to disagree on something.
Cyber Threat Map | FireEye
See recent global cyber attacks on the FireEye Cyber Threat Map. Sign up to be alerted when attacks are discovered.
Skeptical.me
Very Senior Member
Is gb Great Britain?
Smokey613
Very Senior Member
Skeptical.me
Very Senior Member
I banned all those countries and it stopped my VPN client from working properly, ExpressVPN. I was connected to an Australian server but when I did a test on ipleak.net it showed my ISP IP address. So I got rid of all those countries and just like that, it worked again. I could be wrong but it certainly appears to have been the blocked countries causing it. I won't block any for now.
BreakingDad
Very Senior Member
Just like you would on allowing minors to access inappropriate websites, or even blocking adverts over your network (what if someone WANTS to see that ad)
I want to do all I can to protect my family and myself from rogue states. Have you not just applied your own censorship on this very forum for example, because you don't like someones viewpoint? Basically the same thing.
Like RT?
That is a good thing. I will probably add more countries at some point.
You don't want to, that is also fine, (although I disagree with exposing ones family like that) and it's your choice; you've had no problems, that is great- until the day you do have a problem.
Please respect others choices, it is not black and white and does not mean we think every citizen shares the same values as their leaders or we think every citizen of that country is corrupt. It's about risk mangement and mitigation.
Last edited:
Similar threads
Similar threads
Similar threads
-
DomainVPNRouting "ip rule show" does not take any arguments- Started by Tarek Yag
- Replies: 15
-
Skynet show inbound block on Digital TV Vlan300
- Started by poudenes
- Replies: 4
-
Blocking “RO” country code in Skynet blocks Proton VPN UK connections- Started by Gary_Dexter
- Replies: 2
-
Skynet Problem with country block for incoming connections
- Started by crq
- Replies: 5
-
Latest threads
-
Release ASUS ZenWiFi XP4 Firmware version 3.0.0.4.386_47475 (2024/11/25)
- Started by fruitcornbread
- Replies: 0
-
Release ASUS RT-BE88U Firmware version 3.0.0.6.102_37094 (25 Nov. 2024)- Started by Treadler
- Replies: 1
-
-
-
Solved [Disregard] DNS Director stopped working on 3004.388.8_4?
- Started by Wonko
- Replies: 1
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!
Staff online
-
thigginsMr. Easy