[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
Re: [LIG] [isp-linux] Re: Blocking all APNIC IP Addresses
- To: linux-india-general@xxxxxxxxxxxxxxxxxxxxx
- Subject: Re: [LIG] [isp-linux] Re: Blocking all APNIC IP Addresses
- From: Suresh Ramasubramanian <mallet@xxxxxxx>
- Date: Mon, 9 Apr 2001 10:31:01 +0530
- Cc: isp-linux@xxxxxxxxxxxxx, linux-delhi@xxxxxxxxxxxxxxxxxxxxx, india-gii@xxxxxxxx, wppiphoto@xxxxxxxx, raju@xxxxxxxxxxxxxxx
- In-reply-to: <15057.15905.387028.948501@mail.linux-delhi.org>; from raju@linux-delhi.org on Mon, Apr 09, 2001 at 10:14:17AM +0530
- Mail-followup-to: linux-india-general@xxxxxxxxxxxxxxxxxxxxx, isp-linux@xxxxxxxxxxxxx, linux-delhi@xxxxxxxxxxxxxxxxxxxxx, india-gii@xxxxxxxx, wppiphoto@xxxxxxxx, raju@xxxxxxxxxxxxxxx
- Organization: Hopelessly Disorganized
- References: <3AD115C5.F2436F51@ohiocounty.net> <NEBBKCJFMLIBALJCINFIIEOICIAA.wppiphoto@wppi.com> <15057.15905.387028.948501@mail.linux-delhi.org>
- User-agent: Mutt/1.3.16i
Raju Mathur rearranged electrons thusly:
> /me quickly updates /etc/mail/access on all systems he administers:
> wppi.com 550 We do not accept mail from Nazis. Please see April 2001
> archives at http://ISP-Lists.ISP-Planet.com/isp-linux/archives/ for more
> information.
I've seen several such cases - where people want to block all Asia (or the
whole of APNIC). [dig through news.admin.net-abuse.email ...]
If the guy runs a server for himself and his family, and doesnt want any mail
/ traffic from Asia, it is his right to block / allow whatever he wants.
However, if he's an ISP, blocking several /8s is not going to make him all
that popular with his customers (especially given the huge number of Asians).
> >>>>> "Steve" == Steve West <wppiphoto@xxxxxxxx> writes:
> Steve> I understand that we should not generalize an entire
> Steve> region, but in our case we have had more trouble
> Steve> originating/using servers from Asia than any other region!
> Steve> I'm very aware that many of these attacks are being done by
> Steve> users in the US using vulnerable systems in Asia. But
> Steve> without any real security measures in Asia, they will
> Steve> forever be the perfect target by hackers.
He does have a point - but if it's just spam and not portscans, h4x0ring and
such, then using RBL + RSS + inputs.orbs.org will solve a lot of your
problem. That, plus not accepting mail from unresolvable domains, plus not
accepting mail from IPs with no rDNS ... <= this last is a major problem for
me - as for several people in India and the rest of Asia. Sadly, several
ISPs in India dont know / care about rDNS, even though they have become quite
clueful re not running open relays.
> Steve> This is very alarming because it speaks of the LACK of any
> Steve> laws. Basically, we came to the conclusion that at this
s/laws/"provider AUPs + enforcement + clue level"/
> Steve> point, we do not do business with anyone in the Asia region
> Steve> and could afford to ignore this entire region. Maybe our
> Steve> policy will change when it requires but I think their laws
> Steve> must change first.
Your machine, your choice ....
> Steve> Going back to my question, what IP addresses are assigned
> Steve> to Asia? So, far I have
> Steve> 202.0. 203.0. 210.0. 211.0.
That's Australia and New Zealand as well.
> Steve> Thanks!
> Steve> SW
hth
--s
--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin