Is there a place to get a list of currently allocated IP space by
country? I am considering doing something similar but will probably
not do an all out block but maybe do some connection rate limiting of
IP space from those countries.


On 3/6/06, David E. Smith <[EMAIL PROTECTED]> wrote:
> Mac Dearman wrote:
> > 90% of spam messages to our network and 99% of the DOS attacks we are
> > suffering are in the IP space of RIPE network and I am considering
> > blocking all IPs from RIPE.  What would be the most detrimental affect
> > of this for my clients? other than the obvious no traffic to/from the
> > EU?  Anyone else ever done this? If I were a National ISP I realize I
> > couldnt do this - - keep in mind I serve a local rural network :-) in
> > Louisiana
> Technically, there shouldn't be any major issues. Heck, depending on
> what kind of router you use, you may even be able to automate the
> process (completewhois and Team Cymru both offer a number of crazy BGP
> feed options, you may be able to just get a BGP feed from one of them
> that has a more-or-less current list of RIPE IPs and just route 'em to
> Null0).
> I'm real close to just blocking all of China and Brazil for the same
> reason - too much spam and random DDOS traffic originating from there.
> (I haven't seen very much from RIPE space, by comparison.)
> There is bound to be more than a few legitimate applications hosted in
> RIPE space that, sooner or later, you or one of your end-users will want
> to see. Consider starting with "merely" blocking SMTP traffic, or (if
> your mail filtering system supports this) just tagging mail from RIPE
> space as potential spam. And there are other ways to detect and block
> potential DDOS traffic, though I can't afford most of them, so I'm not
> the best person to ask on that point.
> If you really want to stir something up, go ask this question on the
> NANOG list. :D
> David Smith
> --
> WISPA Wireless List:
> Subscribe/Unsubscribe:
> Archives:
WISPA Wireless List:



Reply via email to