Uma

you forgot 186 and 192 user

That is exactly how it works you fucking dumbass

Start with this

github.com/jedisct1/dnscrypt-plugin-geoip-block -- Block DNS queries according to the country they resolve to

Use something enterprise class like Cisco Firepower Threat Defense and you can setup GeoIP filtering easily. Pic related.

they are

You dont understand what CIDR is do you?

>use something eneterprise class for your home

lol no. You can firewall off GeoIP's without blowing your money on Cisco gear intended for copriations

>Cisco Firepower Threat Defense
user I hope you have an FTD appliance and didn't buy that retarded tacked on FP module for ASAs.

>he doesnt use enterprise class equipment at home
laughingsluts.tga

Its a virtual firewall, and I cracked it. You can find my cracking notes on certcollection under the name muh fugen. Minimum requirements are 16GB RAM and 8 cores though.

They're really both the same. The FTDV VM is the same as the FTD appliances, but they're all hacks of a ASA + Sourcefire. If you ssh in to your FTD and run "system support diagnostic-cli" it will dump you in to the ASAv command prompt.

>Uma
lol

Isn't this whole fucking LACNIC? You'd be blocking every country in South America, not only Brazil.

Are you telling me that anyone in South America has anything worth importance to say online?

trapped foreigners asking to be evacuated?

How do I know if you put your own botnet into it.
Why would yo share it

That's not what the OP asked.

>I cracked it
That's pretty neat. Do you get any definition updates and are you able to use their cloud lookup service for file hashes?

Use pfsense

Only way to be safe.

Yes, and they're retarded. They need to use a managed service like Cisco FTD or whatever Palo Alto sells which queries the whois information for the various registries and publishes updates to the appliances weekly.

DNS is a problem, so are CDNs. Pic related, i've accessed servers in Brazil just for gstatic.com which is part of google's services.

Because I wrote the instructions on how to crack it manually. You're not uploading code, youre editing it yourself and modifying a SQL database. It takes like 5 minutes. For the pirated copies of the software you can check the checksums against Cisco's website.

Yes you get everything as it is just in a ~20 year evaluation mode.

Will this work?

#!/bin/bash

wget -P . ipdeny.com/ipblocks/data/countries/br.zone

for i in $(cat ./br.zone ); do ipset -A brazil $i; done

echo "Brazil is blocked"

why don't u want people from brazil user?

Sounds good.

no one wants monkeys

What are you running there? Some dnschanger or something?

I have 8 DNS servers at home. I query the root servers directly rather than using a forwarder.

Whats more secure / safe? Your method or dnscrypt? Do you use both?

>no one wants monkeys
Not all are black in Brazil as not all are white in the usa. Your logic fails.

But no one chooses to live in brazil

Wait, can you do this but with DDNS servers instead of countries?

>dnscrypt
I'm not too familiar with dnscrypt but from looking over it, it is fairly pointless compared to running your own DNS servers. It encrypts the traffic to prevent evasdropping and MiTM attacks, but this would only between you and their forwarder, it still has to go from their forwarder to the root servers unencrypted and vulnerable to MiTM attacks. I have basically the same thing by having 2 of my 8 DNS servers in a PVLAN which only has internet access via a OpenVPN tunnel.

what happens if you block all 192 but your router is 192.168 address block?

I'm brazillian
why u block us
I report u

You'll need ipset -N brazil hash:net as your first line. Otherwise the loop will fail to find the set.

>You can find my cracking notes on certcollection under the name muh fugen
link user? I found your SO account but don't see cracking notes.

Why would you even bother? The Huezilians aren't smart enough to attack you.

give me many plox

You have to create a account and then click Thanks. Do it for root0's post to get the magnet link to download the software. You need both the NGFWv VM and the Firepower Management Center VM.

certcollection.org/forum/topic/290172-firepower-ngfwv-collection/page__st__28

Thanks user! That shit's not indexed by search engines.. appreciate it.

...

wtf is this meme

No problem. Check the thread again when 6.2.1 or 6.2.2 comes out. The current version is 6.2.0.2 and doesnt support Remote Access VPNs. I think my crack will work for them but I can't test it now since the code isnt out yet (but will be in the next month or so). I'll update my post once i've verified the VPN features are cracked. Here is the link to the Firepower Management Center

certcollection.org/forum/topic/290170-firepower-management-center-collection/page__st__140

And follow the quick start guide on Cisco's webpage to the letter. It is intuitive to get up and running and behaves differently depending on the type of virtual NICs you use.

hues eating monkey soup

sopa de macao UMA DELICIA

>intuitive
unintutive

should also add pakistan and indian IPs there too

nobody needs them

fuck turks too

you need to install gentoo on your router

Man unrelated but I hate websites like this because they expose the stupidity of people who use brain dumps. Even on one page of that thread you posted:
>Hurr how do I install VMware
>Hi guise what's the default password of this well known appliance from a major vendor with 1000s of pages of documentation available :-)
>Need instructions it no work

These are the people that cheat to get certifications and completely fuck shit up once they inevitably get hired by some HR bimbo.

So why are you doing this? BR trolled you too much on Sup Forums or on a mmorpg? It's not going to prevent them from interacting with you.

#!/bin/bash

ipset -N brazil hash:net

wget -P . ipdeny.com/ipblocks/data/countries/br.zone

for i in $(cat ./br.zone ); do ipset -A brazil $i; done

iptables -A INPUT -p tcp -m set --match-set brazil src -j DROP

echo "Brazil is blocked"

This should work.

>inevitably get hired by some HR bimbo
>to fullfill a diversity requirement
ftfy

I'm not OP, i'm the guy who told him how he could do it and cracked Cisco FTDv. I posted why doing this would be a bad idea here

Thanks, will totally do this w Russia

>>to fullfill a diversity requirement
Usually but not always. The tier 1 helpdesk team at my company somehow conned their manager into buying a license for one of those exam simulators and a subscription to some dump site. Every time I walk past their area, every single one of them is memorizing answers to some Microsoft or Cisco cert. Lord help whatever company hires those idiots to do anything above fixing Outlook.

#!/bin/bash

ipset -N US hash:net

wget -P . ipdeny.com/ipblocks/data/countries/us.zone

for i in $(cat ./us.zone ); do ipset -A us $i; done

iptables -A INPUT -p tcp -m set --match-set us src -j DROP

echo "Amerifats ate blocked"

Pick a DNS that doesn't have servers in Brazil. Why would you use googles dns in the first place. If you're gonna go full botnet at least pick OpenDNS that blocks some malware sites but still.

Yeah i've never gone for certs for this reason. The only cert I have is in a obscure asset management program which was a requirement/a previous job paid for right after I got hired.

You dont understand how DNS works do you?

And i'm not using google's DNS, I run my own servers which query the root servers directly, and then in turn query the authoritative name servers for the relevant domains.

>buttmad macaco detected
kek
>buttmad sjw detected
kek

silly user why do u think brazil has so many different races? everyone loves hueland, especially europeans. maybe u ate too much burger u got dizzy?

SOPA

hey user, do you run those CISCO services as VMs on AWS/Azure or something? do you use it to guard your websites?

iptables -A INPUT -s huehuehue -j DISCARD

lol

...

Yes they're VMs, but hosted at home. No I use it for inter-VLAN routing and acting as a internet gateway.

Neat. What kind of OS/hardware would I need to run it as firewall for my 3 computers?

tfw block all traffic from brazil/mexico/africa/spain/china/middleeast/korea

tfw no more constant port scanners

>YU RAYSIS user

nah im just a /white hat/ white male ;)

Link the fucking thread you nigger.

at least 2 VMs, one for Firepower Threat Defense one for Firepower Management Center. Each VM requires at least 4 cores and 8 GB RAM. If you want HA then obviously you need a 3rd VM.

read this thread you retard

bixnood.net

XD LOL111!ONE!!

T'es trop con

Also if you want to integrate it in to AD you need another windows VM for the user agent although it only needs 1 core/1GB RAM.

s-sorry

thanks user