Hello Scott, Azure's IP space, updated once a week with one week lead before they go live - https://www.microsoft.com/en-us/download/details.aspx?id=56519
From the looks of the json filename, it is changed after each release, so I wouldn't recommend re-downloading the below json file for new updates - https://download.microsoft.com/download/7/1/D/71D86715-5596-4529-9B13-DA13A5DE5B63/ServiceTags_Public_20210531.json AWS - https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html - If the download URL doesn't change (doesn't seem to me that it does), you can go straight to https://ip-ranges.amazonaws.com/ip-ranges.json. If you have an AWS account, you can sign up for notifications when new subnets are added. (It requires using their SNS service.) GCP - https://cloud.google.com/compute/docs/faq#find_ip_range - If the download URL doesn't change (doesn't seem to me that it does), you can go straight to https://www.gstatic.com/ipranges/cloud.json -joe On 6/5/2021 at 7:22 AM, "Michael Peddemors via mailop" <[email protected]> wrote: > >Sorry, bit laid up and typing with one hand, but luckily all the >top >three publicly list their IP(s), unfortunately they do it via web >URLs' >that you need to parse instead of via say a rwhois entry. > >(some are listed at various services you can query in RBL format >such as >RATS-AZURE) > >Some you can check via PTR naming conventions, and others you can >do an >ASN lookup. > >don't have the URL's handy, but welcome to reach out off list. > > > >On 2021-06-04 4:08 p.m., Scott Mutter via mailop wrote: >> On Fri, Jun 4, 2021 at 1:24 PM Michael Peddemors via mailop >> <[email protected] <mailto:[email protected]>> wrote: >> >> With apache, you can use modsecurity quite easily, and you >can block >> all >> azure (and other cloud providers ranges) from certain >services like >> wordpress, or contact forms etc.. (you can even do dns based >checks or >> rbldnsd) .. >> >> >> Are there any links for this? AFAIK mod_security is just a >module - to >> actually do anything it requires a ruleset. Further from that, >how does >> it determine what is Azure and what is not? Is it just blocking >IP >> addresses? Seems you'd need a list of all of the Azure IP >address >> space. And from what I have seen the offending IPs are all over >the place: >> >> 157.55.39.138 >> 207.46.13.5 >> 20.83.33.136 >> 20.94.247.9 >> 40.124.141.27 >> 40.124.141.27 >> 40.124.193.244 >> 40.76.220.206 >> >> Are just a few. >> >> But if there's a way to block Azure and other cloud based >services, I'd >> be interested in that. But I'd suspect you'd need a list of all >of >> their IP address spaces - is that information available some >where? >> >> >> _______________________________________________ >> mailop mailing list >> [email protected] >> https://list.mailop.org/listinfo/mailop >> > > > >-- >"Catch the Magic of Linux..." >------------------------------------------------------------------- >----- >Michael Peddemors, President/CEO LinuxMagic Inc. >Visit us at http://www.linuxmagic.com @linuxmagic >A Wizard IT Company - For More Info http://www.wizard.ca >"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices >Ltd. >------------------------------------------------------------------- >----- >604-682-0300 Beautiful British Columbia, Canada > >This email and any electronic data contained are confidential and >intended >solely for the use of the individual or entity to which they are >addressed. >Please note that any views or opinions presented in this email are >solely >those of the author and are not intended to represent those of the >company. >_______________________________________________ >mailop mailing list >[email protected] >https://list.mailop.org/listinfo/mailop _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
