Some technical help, please?
Oct. 19th, 2007 09:10![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
mapsedgeRegarding Subnet Masks:
We're getting some SQL injection attacks through our websites from someone in China, specifically (today) 219.135.103.53. Our system is written to be resistant to that sort of thing but because I'm a vindictive bastard, and because I'm tired of my Inbox being full of notifications of "un-runnable queries", I use IIS to block access by IP.
What I'd like to do now is use a subnet mask and just block everything from 219.135.0.0 up to 219.135.255.255.
Am I correct to set the IP to 219.135.0.0 and the subnet mask to 0.0.255.255...?
EDIT: SORRY. Subnet mask is 255.255.0.0
I've tried to make sense of the documentation - and kinda do within the amount of time I have to do so - and used an online calculator to arrive here. I just want to confirm it because I'm the only guy on this friggin' boat with a hand in the engine.
What I'd like to do now is use a subnet mask and just block everything from 219.135.0.0 up to 219.135.255.255.
Am I correct to set the IP to 219.135.0.0 and the subnet mask to 0.0.255.255...?
EDIT: SORRY. Subnet mask is 255.255.0.0
I've tried to make sense of the documentation - and kinda do within the amount of time I have to do so - and used an online calculator to arrive here. I just want to confirm it because I'm the only guy on this friggin' boat with a hand in the engine.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
Re: Wha??
Date: 2007-10-20 01:57 (UTC)You'll find that access lists (IP Security) on IIS eats processor, which is fine if you've got it to spare, but the right way to do that is with either a firewall or with an acl on a router. Or a combination of both, if you happen to have a Cisco router with a firewalling IOS.
Wikipedia used to have a rather educational article on subnetting and subnet masks.
Re: Wha??
Date: 2007-10-21 16:26 (UTC)