Comment by UltraSane
4 months ago
of course before implementing this I log all IPs and verify that we don't have any legitimate traffic coming from non-US IPs. and whitelisting a few IPs isn't a big deal. Of course a medium sized manufacturing company in the Midwest isn't going to have much need for people connecting to use outside the US.
I'm actually working to get rid of any public IPs that isn't a VPN access point.
> any legitimate traffic coming from non-US IPs.
If it's not actually reaching you to log in and what not, how do you know it's legit or not?
How do you know it's US traffic or not in the end?
I'm not saying it's not something anyone can reasonably do, but I've both been the gatekeeper required to implement/support such a policy and been someone burned by it. It shouldn't be assumed the block lists are actually that good.
This is an argument over the accuracy of georeferencing IP addresses and in my experience it is adequate for my needs.
Je suppose que le Texas est au Québec.
2 replies →