Hi,
when one end-customer has been using for example /24 IPv4 allocation
for a while and returns this(for example changes an ISP) to LIR, then
are there some good practices before handing out this same /24 to a
new customer? I guess LIR should:
1) remove all the DNS PTR records, classless of classful delegations
2) check if some of the IP addresses are in DNSBL(maybe the previous
customer was a spammer). Example with 93.184.216.0/24:
$ for ip in {0..255}.216.184.93;\
do for addr in \
cbl.abuseat.org \
dnsbl.inps.de \
no-more-funn.moensted.dk \
dnsbl.sorbs.net \
bl.spamcannibal.org \
bl.spamcop.net \
psbl.surriel.com \
dnsrbl.swinog.ch; \
do dig @8.8.8.8 "$ip"."$addr" +short | grep -q "^127.0.0." && \
echo "DNSBL-Alarm: $ip is listed on $addr"; done; done
$
Anything else?
regards,
Martin
Hi,
as far as I know, some large US Internet companies like Google,
Facebook or Amazon restrict access to some services for certain
regions like Crimea or countries like Iran or North Korea. Do they
rely on services like MaxMind? Or do they use some other method to
check the geographical location of IP address? If yes, then is there
an API to check if an address is allowed to use Google, Facebook, etc
services or not?
thanks,
Martin
you could use ripe atlas selecting nodes in countries you require and destination facbook/google/amazon servers and check results
Colin
Colin,
this is a good idea, but in this case the network I am interested in
does not have a RIPE Atlas probe.
regards,
Martin
In general, are there any other similar databases to DNSBL(used for
fighting against spam) system? For example lets say that some
institution holds a public database of IP addresses of web-servers
which (regularly) serve malware and anyone can check if their IP
addresses are listed there. Or for example public database of IP
addresses of botnet members. The reason I ask is the same- I would
like to be 100% sure that when I hand out a range of IPv4 addresses,
which were previously used by some other customer, then those
addresses were not abused in any way and new customer will not have
any trouble with those addresses.
thanks,
Martin