Chapter 3. Analyzing and Blocking Malicious Traffic Based on Geolocation

Information in this chapter:

▪ Research and Due Diligence

▪ Implementing a Solution

▪ Integrating with TMG

Products, Tools, and Methods:

▪ MS SQL Server

▪ TMG

▪ Visual Studio (C#/Visual Basic for Applications)

▪ TMG Logging to SQL Server

▪ SQL CLR

▪ TMG Deny Rules

This chapter illustrates how to create database objects to represent every country's individual ranges of IP addresses, and how to use this data to create individual sets of TMG computer objects to use for rule sets.

Keywords: TMG, Geolocation, SQL, Blocking Malicious Traffic

Introduction

Years back, while working on a research project involving SQL Slammer and the persistence of vulnerable installations around the globe, I ...

Get Thor's Microsoft Security Bible now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Thor's Microsoft Security Bible by Timothy Thor Mullen

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly