Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

[A computer is] like an Old Testament god, with a lot of rules and no mercy. -- Joseph Campbell

computers / comp.os.vms / Re: List of denied IP addresses

SubjectAuthor
* List of denied IP addressesDavid Turner
+- Re: List of denied IP addressesHenry Crun
`* Re: List of denied IP addressesScott Dorsey
 `* Re: List of denied IP addressesDavid Turner
  +* Re: List of denied IP addressesDennis Boone
  |`- Re: List of denied IP addressesDavid Turner
  `* Re: List of denied IP addressesScott Dorsey
   `- Re: List of denied IP addressesDavid Turner

1
List of denied IP addresses

<DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=21508&group=comp.os.vms#21508

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!buffer2.nntp.dca1.giganews.com!nntp.supernews.com!news.supernews.com.POSTED!not-for-mail
NNTP-Posting-Date: Wed, 23 Mar 2022 03:37:24 -0500
Date: Wed, 23 Mar 2022 04:37:24 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.7.0
Newsgroups: comp.os.vms
Reply-To: dturner@islandco.com
Content-Language: en-US
From: dtur...@islandco.com (David Turner)
Subject: List of denied IP addresses
Organization: Island Computers
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID: <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>
Lines: 12
X-Trace: sv3-JWEyg/ooqds9jMw2kusf08CuqHPR6wbGrbvrqozn5geujJGfsxEl76tus1jgUmCEAzqvJoJo5anCPRk!Hl4MFkHShp1m1urL68BfMoC+UIiugIsXuA+/j3AeMUurFT2Nru7QC6hPDiMzXwFqUgvyY/UO4XFL!OHwcsksbSjbAtg==
X-Complaints-To: www.supernews.com/docs/abuse.html
X-DMCA-Complaints-To: www.supernews.com/docs/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 1416
 by: David Turner - Wed, 23 Mar 2022 08:37 UTC

If anyone needs this list, it is a denial list of many naughty state
actors ip addressesand has been useful
for us since it was installed.

Rather long but thorough.

Send an email address to us and we will send it as a zip or text file
whichever helps

David

Re: List of denied IP addresses

<78trgi-hfdn.ln1@alpha.mike-r.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=21510&group=comp.os.vms#21510

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!aioe.org!/+Xreuwnl6wfqIMwA58M8A.user.46.165.242.91.POSTED!not-for-mail
From: mik...@rechtman.com (Henry Crun)
Newsgroups: comp.os.vms
Subject: Re: List of denied IP addresses
Date: Wed, 23 Mar 2022 18:08:07 +0200
Organization: Aioe.org NNTP Server
Message-ID: <78trgi-hfdn.ln1@alpha.mike-r.com>
References: <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="7914"; posting-host="/+Xreuwnl6wfqIMwA58M8A.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
Thunderbird/91.5.0
Content-Language: en-US
X-Notice: Filtered by postfilter v. 0.9.2
 by: Henry Crun - Wed, 23 Mar 2022 16:08 UTC

On 23/03/2022 10:37, David Turner wrote:
> If anyone needs this list, it is a denial list of many naughty state actors ip addressesand has been useful
> for us since it was installed.
>
> Rather long but thorough.
>
> Send an email address to us and we will send it as a zip or text file whichever helps
>
>
> David
>

And for those using Linux, you can deny entire countries using Fail2ban

--
Mike R.
Home: http://alpha.mike-r.com/
QOTD: http://alpha.mike-r.com/qotd.php
No Micro$oft products were used in the URLs above, or in preparing this message.
Recommended reading: http://www.catb.org/~esr/faqs/smart-questions.html#before
and: http://alpha.mike-r.com/jargon/T/top-post.html
Missile address: N31.7624/E34.9691

Re: List of denied IP addresses

<t1fq3j$8on$1@panix2.panix.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=21520&group=comp.os.vms#21520

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!panix!.POSTED.panix2.panix.com!panix2.panix.com!not-for-mail
From: klu...@panix.com (Scott Dorsey)
Newsgroups: comp.os.vms
Subject: Re: List of denied IP addresses
Date: 23 Mar 2022 18:49:23 -0000
Organization: Former users of Netcom shell (1989-2000)
Lines: 11
Message-ID: <t1fq3j$8on$1@panix2.panix.com>
References: <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>
Injection-Info: reader1.panix.com; posting-host="panix2.panix.com:166.84.1.2";
logging-data="1268"; mail-complaints-to="abuse@panix.com"
 by: Scott Dorsey - Wed, 23 Mar 2022 18:49 UTC

In article <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>,
David Turner <dturner@islandco.com> wrote:
>If anyone needs this list, it is a denial list of many naughty state
>actors ip addressesand has been useful
>for us since it was installed.

Why not just use a DNS blocklist and let Spamhaus update it instead
of fighting to constantly keep it up to date?
--scott
--
"C'est un Nagra. C'est suisse, et tres, tres precis."

Re: List of denied IP addresses

<HYSdnTRkVrPqJaD_nZ2dnUU7-WVi4p2d@supernews.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=21536&group=comp.os.vms#21536

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!buffer2.nntp.dca1.giganews.com!nntp.supernews.com!news.supernews.com.POSTED!not-for-mail
NNTP-Posting-Date: Fri, 25 Mar 2022 07:41:26 -0500
Date: Fri, 25 Mar 2022 08:41:25 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.7.0
Reply-To: dturner@islandco.com
Subject: Re: List of denied IP addresses
Content-Language: en-US
Newsgroups: comp.os.vms
References: <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>
<t1fq3j$8on$1@panix2.panix.com>
From: dtur...@islandco.com (David Turner)
Organization: Island Computers
In-Reply-To: <t1fq3j$8on$1@panix2.panix.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID: <HYSdnTRkVrPqJaD_nZ2dnUU7-WVi4p2d@supernews.com>
Lines: 16
X-Trace: sv3-Cy2hxST1lRtML67Nb+6S6moGULKP3Ky1j6FJwJWfA/9F5YzlIThlWiYl9lV7VDNcB78KBXpmrTD69En!cbIUfgxH+f/849wwJNp19RgMmB7SpVAqwE8HFpgs2uMEB2rwgDAOVhkjT6nXSYPGq2uR8ANI1Gvk!TqaIwvgONg6DRg==
X-Complaints-To: www.supernews.com/docs/abuse.html
X-DMCA-Complaints-To: www.supernews.com/docs/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 1867
 by: David Turner - Fri, 25 Mar 2022 12:41 UTC

On 3/23/2022 2:49 PM, Scott Dorsey wrote:
> In article <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>,
> David Turner <dturner@islandco.com> wrote:
>> If anyone needs this list, it is a denial list of many naughty state
>> actors ip addressesand has been useful
>> for us since it was installed.
> Why not just use a DNS blocklist and let Spamhaus update it instead
> of fighting to constantly keep it up to date?
> --scott

Using that also - Spamhaus only blocks known actors, not all.

I figure we don't sell to Russia any more anyway. So where's the harm?

Re: List of denied IP addresses

<6PidnWzopu70IqD_nZ2dnUU7-NnNnZ2d@giganews.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=21538&group=comp.os.vms#21538

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!buffer2.nntp.dca1.giganews.com!news.giganews.com.POSTED!not-for-mail
NNTP-Posting-Date: Fri, 25 Mar 2022 08:11:05 -0500
Sender: Dennis Boone <drb@yagi.h-net.org>
From: drb...@ihatespam.msu.edu (Dennis Boone)
Subject: Re: List of denied IP addresses
Newsgroups: comp.os.vms
References: <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com> <t1fq3j$8on$1@panix2.panix.com> <HYSdnTRkVrPqJaD_nZ2dnUU7-WVi4p2d@supernews.com>
User-Agent: tin/2.4.5-20201224 ("Glen Albyn") (FreeBSD/13.0-RELEASE-p6 (amd64))
Message-ID: <6PidnWzopu70IqD_nZ2dnUU7-NnNnZ2d@giganews.com>
Date: Fri, 25 Mar 2022 08:11:05 -0500
Lines: 24
X-Usenet-Provider: http://www.giganews.com
X-Trace: sv3-2XBH1kNDq/G0bsiRJD4DqV0IwS/vaVmix7I2Ik1kC434lnBKCFlGrhW2iNfGajG4Xaf4GhOWHWi7Rp5!XtZCjUvlb8OkRBN7FzVkIXY9c8LAWPwsTcIsHDGC+oL3Su7arc0fz3BUkCVyy78lB+PgGSs=
X-Complaints-To: abuse@giganews.com
X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 2107
 by: Dennis Boone - Fri, 25 Mar 2022 13:11 UTC

> I figure we don't sell to Russia any more anyway. So where's the harm?

The potential harm is that such lists are at best approximations:

They're prone to not having _all_ the IPs assigned to a given geographic
area, due to errors or horse trading of IP blocks. Thus they may give a
false sense of security.

They're prone to including things that are no longer assigned to a given
geographic area, for the same reasons. They may therefore block wanted
traffic.

They fail to account for VPNs. Because of this, they may block wanted
traffic from legitimate but anonymity-conscious users who happened to be
assigned an outbound point within a blacklisted block.

They fail to account for the trivial availability of virtual machine
availability as a launching point for whatever activity is (not) being
blocked by the use of the list.

None of this means blacklists are completely useless, but one should not
use them without a firm understanding of the tradeoffs.

De

Re: List of denied IP addresses

<HYSdnTdkVrOZUKD_nZ2dnUU7-WWdnZ2d@supernews.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=21542&group=comp.os.vms#21542

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!buffer2.nntp.dca1.giganews.com!buffer1.nntp.dca1.giganews.com!nntp.supernews.com!news.supernews.com.POSTED!not-for-mail
NNTP-Posting-Date: Fri, 25 Mar 2022 09:09:08 -0500
Date: Fri, 25 Mar 2022 10:09:06 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.7.0
Reply-To: dturner@islandco.com
Subject: Re: List of denied IP addresses
Content-Language: en-US
Newsgroups: comp.os.vms
References: <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>
<t1fq3j$8on$1@panix2.panix.com>
<HYSdnTRkVrPqJaD_nZ2dnUU7-WVi4p2d@supernews.com>
<6PidnWzopu70IqD_nZ2dnUU7-NnNnZ2d@giganews.com>
From: dtur...@islandco.com (David Turner)
Organization: Island Computers
In-Reply-To: <6PidnWzopu70IqD_nZ2dnUU7-NnNnZ2d@giganews.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID: <HYSdnTdkVrOZUKD_nZ2dnUU7-WWdnZ2d@supernews.com>
Lines: 40
X-Trace: sv3-RbnFKR5jMB3rEv8JFRYegSSSQP5n0cn9Ope1f6wGowtwQ6kZtlJ3O5mzBSlbe1DMMj+LK1pGznvNPoK!LbHbd3lnBjhGk1K52mpliGlziVkktsJQ9AqjwteddEBGVE2Z7NiGS79h0nU9P3tDvoDN+qUCYoDy!ySGi/xR0OoUg7Q==
X-Complaints-To: www.supernews.com/docs/abuse.html
X-DMCA-Complaints-To: www.supernews.com/docs/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 3009
 by: David Turner - Fri, 25 Mar 2022 14:09 UTC

We also use Spamhaus, (zen) and god knows how many other blacklists
The htaccess file we have been using, though perhaps over cautious, has
blocked potential harm
from several unruly countries. We had a credit card scam run on our
website a while back before we implemented this
It costs us $2500 from attempted credit-card bot authorizations. That
alone was a good reason to block any group of ips
We do have log files and they did show numerous hits from very specific
countries and cities

So...

On 3/25/2022 9:11 AM, Dennis Boone wrote:
> > I figure we don't sell to Russia any more anyway. So where's the harm?
>
> The potential harm is that such lists are at best approximations:
>
> They're prone to not having _all_ the IPs assigned to a given geographic
> area, due to errors or horse trading of IP blocks. Thus they may give a
> false sense of security.
>
> They're prone to including things that are no longer assigned to a given
> geographic area, for the same reasons. They may therefore block wanted
> traffic.
>
> They fail to account for VPNs. Because of this, they may block wanted
> traffic from legitimate but anonymity-conscious users who happened to be
> assigned an outbound point within a blacklisted block.
>
> They fail to account for the trivial availability of virtual machine
> availability as a launching point for whatever activity is (not) being
> blocked by the use of the list.
>
> None of this means blacklists are completely useless, but one should not
> use them without a firm understanding of the tradeoffs.
>
> De

Re: List of denied IP addresses

<t1kt0r$sjb$1@panix2.panix.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=21548&group=comp.os.vms#21548

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!panix!.POSTED.panix2.panix.com!panix2.panix.com!not-for-mail
From: klu...@panix.com (Scott Dorsey)
Newsgroups: comp.os.vms
Subject: Re: List of denied IP addresses
Date: 25 Mar 2022 17:09:47 -0000
Organization: Former users of Netcom shell (1989-2000)
Lines: 22
Message-ID: <t1kt0r$sjb$1@panix2.panix.com>
References: <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com> <t1fq3j$8on$1@panix2.panix.com> <HYSdnTRkVrPqJaD_nZ2dnUU7-WVi4p2d@supernews.com>
Injection-Info: reader1.panix.com; posting-host="panix2.panix.com:166.84.1.2";
logging-data="16778"; mail-complaints-to="abuse@panix.com"
 by: Scott Dorsey - Fri, 25 Mar 2022 17:09 UTC

David Turner <dturner@islandco.com> wrote:
>On 3/23/2022 2:49 PM, Scott Dorsey wrote:
>> In article <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>,
>> David Turner <dturner@islandco.com> wrote:
>>> If anyone needs this list, it is a denial list of many naughty state
>>> actors ip addressesand has been useful
>>> for us since it was installed.
>> Why not just use a DNS blocklist and let Spamhaus update it instead
>> of fighting to constantly keep it up to date?
>
>Using that also - Spamhaus only blocks known actors, not all.
>
>I figure we don't sell to Russia any more anyway. So where's the harm?

So your list isn't a list of naughty state actors at all, but random addresses
in specific countries?

If that's what you want, there are DNS-based lists for that too.
--scott

--
"C'est un Nagra. C'est suisse, et tres, tres precis."

Re: List of denied IP addresses

<iZKdnezSLfH9OqL_nZ2dnUU7-YmdnZ2d@supernews.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=21549&group=comp.os.vms#21549

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!nntp.club.cc.cmu.edu!45.76.7.193.MISMATCH!3.us.feeder.erje.net!feeder.erje.net!border1.nntp.dca1.giganews.com!nntp.giganews.com!buffer1.nntp.dca1.giganews.com!nntp.supernews.com!news.supernews.com.POSTED!not-for-mail
NNTP-Posting-Date: Sat, 26 Mar 2022 18:53:04 -0500
Date: Sat, 26 Mar 2022 19:53:04 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.7.0
Reply-To: dturner@islandco.com
Subject: Re: List of denied IP addresses
Content-Language: en-US
Newsgroups: comp.os.vms
References: <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>
<t1fq3j$8on$1@panix2.panix.com>
<HYSdnTRkVrPqJaD_nZ2dnUU7-WVi4p2d@supernews.com>
<t1kt0r$sjb$1@panix2.panix.com>
From: dtur...@islandco.com (David Turner)
Organization: Island Computers
In-Reply-To: <t1kt0r$sjb$1@panix2.panix.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Message-ID: <iZKdnezSLfH9OqL_nZ2dnUU7-YmdnZ2d@supernews.com>
Lines: 27
X-Trace: sv3-BgWAyvbCeLo7NrctwR+g1/IKqOWK+7NJWRpcbl773b13r8G7/GZgsz6RJdPUiZqjsR2N7N5yNN5ZIqL!MuCd0r2UtZjZIxEKJe2B80ajqC8uGXTBgUi4k0quDS5j3gTbfRweKpYj32uxHLduIri+jvJUOQBo!bknd9twV3IZ0iw==
X-Complaints-To: www.supernews.com/docs/abuse.html
X-DMCA-Complaints-To: www.supernews.com/docs/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 2336
 by: David Turner - Sat, 26 Mar 2022 23:53 UTC

It is a compilation of  naughty boys, hackers,  cities, countries and
regions

On 3/25/2022 1:09 PM, Scott Dorsey wrote:
> David Turner <dturner@islandco.com> wrote:
>> On 3/23/2022 2:49 PM, Scott Dorsey wrote:
>>> In article <DNOdnS_GCcXZQaf_nZ2dnUU7-eudnZ2d@supernews.com>,
>>> David Turner <dturner@islandco.com> wrote:
>>>> If anyone needs this list, it is a denial list of many naughty state
>>>> actors ip addressesand has been useful
>>>> for us since it was installed.
>>> Why not just use a DNS blocklist and let Spamhaus update it instead
>>> of fighting to constantly keep it up to date?
>> Using that also - Spamhaus only blocks known actors, not all.
>>
>> I figure we don't sell to Russia any more anyway. So where's the harm?
> So your list isn't a list of naughty state actors at all, but random addresses
> in specific countries?
>
> If that's what you want, there are DNS-based lists for that too.
> --scott
>

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor