Hacker News new | ask | show | jobs
by neilv 639 days ago
Is there a public list of those address blocks, which you'd recommend?
3 comments
epc 639 days ago
Not that I know of, but each service seems to publish a list (some in text, some JSON). I’ll reply later with the URLs of the ones I have.
link
epc 638 days ago
This is what I have, see another reply for shared IP lists:

  https://ip-ranges.amazonaws.com/ip-ranges.json

  https://www.digitalocean.com/geo/google.csv
  
  https://www.gstatic.com/ipranges/cloud.json
link
epc 638 days ago
I also found this but haven't validated it yet: https://github.com/femueller/cloud-ip-ranges
link
Maxion 638 days ago
There are lists, e.g.

https://www.spamhaus.org/resource-hub/dnsbl/the-return-of-th...

https://github.com/X4BNet/lists_vpn

https://github.com/tobilg/public-cloud-provider-ip-ranges

link
Avamander 638 days ago
Set up a honeypot, or more like a booby trap, and boldly ban all IPs that access it.

Then you can consider banning OVH, DO, AWS, GCP, Oracle, China, Russia.

link
neilv 638 days ago
Honeypot is a good idea, but not for my immediate little one-server Web site startup.

On blocking country address ranges, my idealist side hopes that doesn't prove necessary. I personally know nice people in both of those countries.

link
Avamander 638 days ago
It's just an inevitability due to poor abuse handling (or lack thereof) in those countries.

Some people might be nice but it's a minuscule part of the absolute flood of malicious traffic originating from those countries.

If people in those countries do not like such treatment, I'm so sorry, but they should force their ISPs to clean up their act. It's insane.

link