Re: IP ranges used in North America, Hawaii, and Alaska?

From: ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin)
Date: Mon, 19 Dec 2005 19:40:59 -0600

On Mon, 19 Dec 2005, in the Usenet newsgroup comp.os.linux.security, in article
<069eq1d59ahj4h9qpm179led8126r7foti@xxxxxxx>, Alan Jones wrote:

>I'm allowing, inbound to port 25, only 'ARIN' controlled IP ranges.
>As you know, ARIN serves North America.

Not so.

[compton ~]$ cat IP.ADDR/stats/ARIN | cut -d' ' -f1 | sort -u | column
AG BB CH FI HU JP LC PR VG
AI BE CZ FR IE KN LU SE VI
AR BM DE GB IL KR NL SG
AT BS DO GD IT KY NO TR
AU CA ES HK JM LB PL US
[compton ~]$

Since when is Argentina (AR), Austria (AT), Australia (AU), Switzerland
(CH), The Czech Republic (CZ), Germany (DE) and so on in North America?

>Any problems arising from that policy will be handled individually. Any
>additional needed avenues will be opened up on a case-by-case basis.

Do you really expect to get mail from all of the blocks in North America?

>I just feel that is a more productive approach than trying block
>what seems to be an endless range of IP's from countries that
>have no business viewing my web pages let alone connecting to
>port 25.

You may find it easier to use the Tactical Nuclear method of filtering.
For example, if you don't expect US business like HP, GE, or IBM to
want to connect, you can poke holes at 4.0.0.0/8, 8.0.0.0/8, 12.0.0.0/8
24.0.0.0/8 (but some of that block is used elsewhere)

[compton ~]$ grep -h ' 24\.' IP.ADDR/stats/[ALR]* | cut -d' ' -f1 | sort
-u | column
AR BS CA CL NL PR US
[compton ~]$

38.0.0.0/8, 46.0.0.0/7, 63.0.0.0/8, 64.0.0.0/4, 192.0.0.0/8 (again, lots
of countries), 196.0.0.0/8, 198.0.0.0/7, (same problem), 204.0.0.0/6,
208.0.0.0/7 and 216.0.0.0/8 while blocking or ignoring everything else.

You may wind up missing a lot - but that's your decision. But even with
these Draconian rules, you're not going to block all "non North American"
IPs.

Old guy
.

Follow-Ups:
- Re: IP ranges used in North America, Hawaii, and Alaska?
  - From: Alan Jones

References:
- IP ranges used in North America, Hawaii, and Alaska?
  - From: Alan Jones
- Re: IP ranges used in North America, Hawaii, and Alaska?
  - From: Moe Trin
- Re: IP ranges used in North America, Hawaii, and Alaska?
  - From: Alan Jones

Prev by Date: Re: successfully installed openssl on hosted server - host says there i sno security unless I buy separate certificate - is that right?
Next by Date: Re: IP ranges used in North America, Hawaii, and Alaska?
Previous by thread: Re: IP ranges used in North America, Hawaii, and Alaska?
Next by thread: Re: IP ranges used in North America, Hawaii, and Alaska?
Index(es):
- Date
- Thread

Relevant Pages

Re: IP ranges used in North America, Hawaii, and Alaska?
... >>I'm allowing, inbound to port 25, only 'ARIN' controlled IP ranges. ... >>As you know, ARIN serves North America. ... >these Draconian rules, you're not going to block all "non North American" ...
(comp.os.linux.security)
Re: Women Arent WAITING
... Americans are well known to take many driving trips of such ranges," ... Not all households in North America even HAVE an automobile. ... Last I heard there were no medals for driving---so both Heidi and your ...
(soc.men)