← Back to context

Comment by BLKNSLVR

11 hours ago

I haven't manually reviewed my lists for a while, but I did similar checks for X IP addresses detected from within a /24 block to determine whether I should just block the whole /24.

Manual reviewing like this also helped me find a bunch of organisations that just probe the entire IPv4 range on a regular basis, trying to map it for 'security' purposes. Fuck them, blocked!

P.S. I wholeheartedly support your choice of blocking for your reasons.

3 comments

BLKNSLVR

Reply
kees99  10 hours ago

> bunch of organisations that just probe the entire IPv4 range on a regular basis

Yep, #1 source of junk traffic, in my experience. I set those prefixes go right into nullroute on every server I set up:

https://raw.githubusercontent.com/UninvitedActivity/Uninvite...

#2 are IP ranges of Azure, DO, OVH, vultr, etc... A bit harder to block those outright.

  • miyuru  3 hours ago

    In my servers I dont have IPv4 at all, just IPv6 only.

    On the plus side, it does not waste CPU cycles used to block unwanted IPv4 traffic.

efilife  4 hours ago

> trying to map it for 'security' purposes.

Yes. Fucking censys and internet-measurement and the predatory "opt-out" of scans. What about opting-in to scan my website? Fuck you, i'm blocking you forever