Hǝllo’ ʍɥɐʇ,s ʎonɹ uɐɯǝ¿

I get a helpful security alert for a couple of webservices that I own.

The security alert gives me threat-metrics based on attempts to gain access (or overpower the webservices through a DDoS attack).

The threats are categorised by IP address ranges assigned to countries, and the output is ordered by country.

Which is, of course, meaningless.

As easily as I could GPS-spoof your Satnav, I can IP-spoof a country’s IP ranges.

I suppose security alerts (and the IT security industry in particular) need to hang their hats on something, but using national-specific IP ranges aren’t the right pegs.

Bookmark the permalink.

Comments are closed.