0

Still having pleny of random attacks from China/Russia at our server. I was wondering if blocking based on this address spaces (link to apnic) is safe ?

We are located in Europe and we don't have any interest what so ever in visitors from China/Africa.

Can I pressume the APNIC website is 100% correct ? For both IPv4 as IPv6?

-- IPV4
1.0.0.0/8
14.0.0.0/8
27.0.0.0/8
36.0.0.0/8
39.0.0.0/8
42.0.0.0/8
49.0.0.0/8
58.0.0.0/8
59.0.0.0/8
60.0.0.0/8
61.0.0.0/8101.0.0.0/8
103.0.0.0/8
106.0.0.0/8
110.0.0.0/8
111.0.0.0/8
112.0.0.0/8
113.0.0.0/8
114.0.0.0/8
115.0.0.0/8
116.0.0.0/8
117.0.0.0/8
118.0.0.0/8
119.0.0.0/8
120.0.0.0/8
121.0.0.0/8
122.0.0.0/8
123.0.0.0/8
124.0.0.0/8
125.0.0.0/8
126.0.0.0/8
169.208.0.0/12
175.0.0.0/8
180.0.0.0/8
182.0.0.0/8
183.0.0.0/8202.0.0.0/8  [1]
203.0.0.0/8
210.0.0.0/8
211.0.0.0/8
218.0.0.0/8
219.0.0.0/8
220.0.0.0/8
221.0.0.0/8
222.0.0.0/8
223.0.0.0/8

--IPv6
2001:0200::/23
2001:0C00::/23
2001:0E00::/23
2001:4400::/23
2001:8000::/19
2001:A000::/20
2001:B000::/20
2400:0000::/12
2001:0DC0::/27
2001:0DE8::/29
2001:0DF0::/29
2001:07FA::/32
2001:0DE0::/29
2001:0DB8::/32
Sven
  • 98,649
  • 14
  • 180
  • 226
Martijn
  • 31

1 Answers1

9

You are missing the IANA recovered pool ranges from APNIC there. But I would say blocking half the internet is quite rigorous. A common approach would be to install a firewall / fail2ban / ddos-filter / modsecurity / etc.

Jeroen
  • 1,341
  • 7
  • 16
  • Hi Jeroen, thanks for your reply. Since the e-commerce application is for the Europe market only and we also want to prevent the daily growing spam by Chinese manufacturers who want to offer similar products just blocking the complete APNIC range seems the most effective method. – Martijn Sep 08 '15 at 08:29
  • Customers who are roaming for whatever reason will hate you. – tripleee Mar 27 '17 at 17:24