I haven't manually reviewed my lists for a while, but I did similar checks for X IP addresses d...

BLKNSLVR • yesterday at 11:45 PM • 2 replies • view on HN

I haven't manually reviewed my lists for a while, but I did similar checks for X IP addresses detected from within a /24 block to determine whether I should just block the whole /24.

Manual reviewing like this also helped me find a bunch of organisations that just probe the entire IPv4 range on a regular basis, trying to map it for 'security' purposes. Fuck them, blocked!

P.S. I wholeheartedly support your choice of blocking for your reasons.

Replies

kees99 • today at 12:23 AM

> bunch of organisations that just probe the entire IPv4 range on a regular basis

Yep, #1 source of junk traffic, in my experience. I set those prefixes go right into nullroute on every server I set up:

https://raw.githubusercontent.com/UninvitedActivity/Uninvite...

#2 are IP ranges of Azure, DO, OVH, vultr, etc... A bit harder to block those outright.

➕ show 1 reply

efilife • today at 7:19 AM

> trying to map it for 'security' purposes.

Yes. Fucking censys and internet-measurement and the predatory "opt-out" of scans. What about opting-in to scan my website? Fuck you, i'm blocking you forever

alt Hacker News

Replies