I recently started to tinker with Docker out of interest and to get into some new apparently hot topics. Being a vmWare certified professional, I mostly had experience with - well - virtual machines, may they be vmWare or KVM/QEMU. Docker promises some advantages over those technologies.

Thanks to some good pointers from Vibhor Amrodia here, I was able to rewrite my Linux Netfilter countryblock script to create object-groups for Cisco ASA firewalls which can easily be used in access-lists. This example loads the IP-ranges of China, Korea and Palestine from and creates a config file. This config file can easily be copied from a TFTP server to the running config of the ASA. I chose those 3 countries because the vast majority of probes, scans and SIP fraud attempts on my network come from there.

German IT-news service heise online reports about a dangerous change which comes with the update of Google's Android app store "Play". According to heise, after the update, app permissions will be organized in groups and apps can request new permissions from a permission group for which they already have permission, without additional user approval. Until now, users have to explicitly approve every newly requested permission on update.

In recent times, port probes, spam mail and also SIP attacks / SIP fraud have increased massively and it mostly comes from China, Korea and Palestine. If you run Linux as perimeter firewall, blocking those 3 (and any other you like) is fairly easy. This script downloads the respective network lists from and inserts rules at the start of the INPUT and FORWARD chains, so IPs from any of those networks can neither reach your firewall not any system behind it.

Page 1 of 5