Re: IP ranges used in North America, Hawaii, and Alaska?
- From: "prg" <rdgentry1@xxxxxxxxxxxxx>
- Date: 19 Dec 2005 12:09:44 -0800
Alan Jones wrote:
> Here's the list. Please tell me what you think...
> http://www.iana.org/assignments/ipv4-address-space
>
> On Mon, 19 Dec 2005 14:39:11 +1000, Wayne <4bu53@xxxxxxxxxxx> wrote:
>
> >Alan Jones wrote:
> >> Thanks but I found the 'list' of IP ranges I needed. :)
> >>
> >
> >You do also realise that the list may not be 100% accurate. Those IP
> >assigned may have been through a 3rd party acting as a broker for a
> >non-US party.
If you are trying to cut down on spam, try SpamAssassin.
http://spamassassin.apache.org/
If you're trying to add security to your network, harden your firewall
and tighten down your firewall rules. Review your logs. Deny _all_
connections except the ones you invite.
The list you have might be somewhat useful (for something) if
_everyone_ conformed to its intent. The ones you are trying to keep
out are the ones who don't.
Packets are routed by _destination_ and _not_by_source_ addresses.
Spam will 99.9999999999% of the time have a bogus IP return address
_except_ for an embedded link of some kind, ie., a connection you
_invite_ into your site.
Your "solution" has been proposed and tried by countless numbers of
those unknowledgeable in the ways of routing across the net. It's a
waist of time and firewall resources. It promotes an unfounded sense
of "increased security" -- perhaps the most detrimental and dangerous
thing for _any_ network.
Check here for some rather disturbing insight into how even
"unroutable" IPs are loose on the net:
http://www.completewhois.com/bogons/
[q]
Bogons is the name used to describe ip blocks not allocated by IANA and
RIRs to ISPs and organizations plus all other ip blocks that are
reserved for private or special use by RFCs (the actual term "bogons"
comes from word "bogus", as in bogus ip announcements). As these ip
blocks are not allocated or specially reserved, such ip blocks should
not be routable and used on the internet, however some of these ip
blocks do appear on the net primarily used by those individuals and
organizations that are often specifically trying to avoid being
identified and are often involved in such activities as DoS attacks,
email abuse, hacking and other security problems. These activities
obviously pose great danger to everyone and ***ISPs***[emphasis added]
should try to filter all these bad ip routes and we are trying to help
in that by working to create complete detailed list of unassigned bogon
ips based on whois data.
[eq]
http://www.completewhois.com/bogons/data/bogons-cidr-all.txt
http://www.completewhois.com/bogons/bogons_usage.htm
http://www.completewhois.com/hijacked/index.htm
http://www.completewhois.com/bogons/ipwhois_data_analysis.htm
http://www.completewhois.com/bogons/data/ <-- the current data
http://www.completewhois.com/statistics/index.htm <-- stats re: your
IANA list
http://www.completewhois.com/statistics/country_statistics.htm
http://www.completewhois.com/statistics/data/ips-bycountry/rirstats/
http://www.completewhois.com/rbl_lookup.htm
ISPs have (or should have) the resources to filter these problems
_without_ crippling the flow of legitimate traffic. You do not. Note
that even this effort has been something less than a stellar success.
And the idea of blocking out the _world_ at large (non-US) makes the
net rather pointless, don't you think?
The most successful(?)/used approach is to use RBLs and DNSBLs
(black/block lists) of "known" or suspected spammers or even netblocks
without DNS ptr records. Try these:
http://www.completewhois.com/rbl_lookup.htm
http://openrbl.org/
http://wiki.openrbl.org/wiki/Main_Page
http://www.nl.sorbs.net/ <-- a _very_ aggressive black list
http://spamblock.outblaze.com/spamchk.html
http://www.dnsstuff.com/tools/ip4r.ch?ip=you.rIP.add.res
EGs.,
http://www.dnsstuff.com/tools/ip4r.ch?ip=24.204.27.78 <-- a bogon that
I chased last year
http://groups.google.com/groups?hl=en&lr=lang_en&ie=ISO-8859-1&q=cablelynx.com&btnG=Search&meta=group%3Dnews.admin.net-abuse.sightings
[Yes, even google helps in a chase]
Additional info:
http://www.abuse.net/
http://spam.abuse.net/userhelp/
http://www.arin.net/reference/index.html
This barely scratches the surface ;-(
good luck,
prg
.
- Follow-Ups:
- Re: IP ranges used in North America, Hawaii, and Alaska?
- From: Cameron L. Spitzer
- Re: IP ranges used in North America, Hawaii, and Alaska?
- From: Alan Jones
- Re: IP ranges used in North America, Hawaii, and Alaska?
- References:
- IP ranges used in North America, Hawaii, and Alaska?
- From: Alan Jones
- Re: IP ranges used in North America, Hawaii, and Alaska?
- From: Felix Tilley
- Re: IP ranges used in North America, Hawaii, and Alaska?
- From: Alan Jones
- Re: IP ranges used in North America, Hawaii, and Alaska?
- From: Wayne
- Re: IP ranges used in North America, Hawaii, and Alaska?
- From: Alan Jones
- IP ranges used in North America, Hawaii, and Alaska?
- Prev by Date: Re: IP ranges used in North America, Hawaii, and Alaska?
- Next by Date: Re: IP ranges used in North America, Hawaii, and Alaska?
- Previous by thread: Re: IP ranges used in North America, Hawaii, and Alaska?
- Next by thread: Re: IP ranges used in North America, Hawaii, and Alaska?
- Index(es):
Relevant Pages
|
