 | View Full Version : Anyone got the IP ranges for ALL ISP's and DC's in the world? mouseattack 03-17-2006, 08:46 PM I'm wanting to build a black list, and ban any datacenter from acccessing my servers, and whitelist all personal isp's. Anyone have or know how i can find all the ip ranges assigned to places like ev1, the planet, fdc, server shack, etc, all the rest? ~Mouse sightz 03-17-2006, 08:50 PM That would be a pretty serious blacklist. What are you thinking? Building a DDOS-proof box? Is it even physically possible to filter through a list that size for every connection? sshepherd 03-17-2006, 09:03 PM You can buy a list from maxmind.com for $15. Includes all known ISPs. I'm not aware of a list that's separated with ISP and then "DC's". I would think both may get included together. http://www.maxmind.com/app/isp Richard 03-17-2006, 09:06 PM That would be a pretty serious blacklist. What are you thinking? Building a DDOS-proof box? Is it even physically possible to filter through a list that size for every connection? That'd be one hell of a list. Alien Helmet 03-18-2006, 12:44 AM What are you thinking? Building a DDOS-proof box? If that's what he wants to do, he'd just be wasting his time given that DDoS attacks are generally conducted by botnets of compromised end-user systems. Mouseattack: what are you trying to do that makes you want such a list? BPrintz 03-18-2006, 01:01 AM Such a list could be used for processing orders even. I know I have had many fraudulent orders come from dedicated servers etc. as it allows people outside of the US to mask their IP to a US IP. A list of this type could be integrated in a billing system to block orders from these sources. Swelly 03-18-2006, 03:27 AM Yeah I would agree with the others, thats a huge list. Good luck in your quest though. ChrisTech 03-18-2006, 11:17 AM I'm wanting to build a black list, and ban any datacenter from acccessing my servers, and whitelist all personal isp's. Anyone have or know how i can find all the ip ranges assigned to places like ev1, the planet, fdc, server shack, etc, all the rest? ~Mouse Why not just deny * then allow your whitelist ? Making a blacklist for what you are doing, seems to be a large undertaking. webair-gene 03-18-2006, 11:22 AM Why not just deny * then allow your whitelist ? Making a blacklist for what you are doing, seems to be a large undertaking. As ChrisTech said, if your intent is to block all access except to known ip's then just deny/drop * and add your private ips to a white list. If you're using iptables and aren't too familiar with it I suggest using APF and configuring it with no open ports and then adding your ips to the white list by typing apf -a <ip> |