jmccormac: > I wonder if it might be easier to publish a data centre map of the internet rather than doing this piecemeal.
I would really love to see that! Not an easy map, given so many /24 ranges amongst the /14 and even /12 ranges. :(
And how would you delineate the ranges?
jmccormac
8:26 pm on Oct 21, 2013 (gmt 0)
I would really love to see that! Not an easy map, given so many /24 ranges amongst the /14 and even /12 ranges. :( And how would you delineate the ranges?
Well most of the approaches that I've seen with online IP checkers are delegated range lists and working down to /24s. It is not the best way for dealing with data centres because some data centres are on ISP ranges. The ISP might have the greater allocation so a /16 might end up getting blocked when in reality it could be just a /24 or less that is causing the problem.
For the larger DCs, an inclusive block range might work as they would include various subnets of other hosters using their ranges. In terms of data, the granularity is good (far better than any of those online IP checker things). I spent a few weeks working on this for a project that did not happen so much of the data is actually just stitting on harddrives. In individual IP terms, most of the world's data centres are included in the data. (I'll hammer it into some statistical form later tonight.)
The others in there seem to be embarq, windstream and others which I do not have specifically listed - they seem to be DSL services. I did notice a webair rqange in there but not intergenia as far as I can tell.
Angonasec
12:25 am on Oct 25, 2013 (gmt 0)
My apologies Sir, here's what I should have posted: (though I personally do block Embarq and other ISPs)
All HSI/Intergenia so far: 50.30.32.0/20 69.64.32.0/19 173.224.112.0/20 199.189.84.0/22 199.217.112.0/21 209.239.112.0/20 HSI-IPV6 2605:DE00:: - 2605:DE00:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
Angonasec
12:32 am on Oct 25, 2013 (gmt 0)
All HSI/Intergenia so far: 50.30.32.0/20 69.64.32.0/19 80.77.80.0/20 88.214.192.0/18 173.224.112.0/20 199.189.84.0/22 199.217.112.0/21 209.239.112.0/20
So it's all of 2605:DE00? How would you say that in shorthand? (The way that in IPv4, 12.23 = 12.23.0.0 - 12.23.255.255)
Angonasec
8:16 am on Oct 25, 2013 (gmt 0)
"How would you say that in shorthand?"
Good question Ms. Lucy, and as a CIDR too please...
lucy24
8:57 am on Oct 25, 2013 (gmt 0)
OK, I looked it up. The syntax is essentially the same. In this case
2605:de00::/32
Since IPv6 uses hexadecimal rather than decimal notation, every 2 digits = one IPv4 block. 8 digits = 4 IPv4 blocks, i.e. all of them. Where /32 is the very end of IPv4 (2^8^4), in IPv6 it's just the beginning.
:: counting on fingers ::
Does it go up to /128?
Why is it called 6 when there are 8 pieces? I suspect I will be very embarrassed when someone explains this to me.
Edit: As far as I can make out, you can't truncate. 2605:de00:: without a trailing /number would just mean 2605:de00:0000:0000: et cetera. (As if 12.23 meant exactly 12.23.0.0 only.)
Angonasec
9:58 am on Oct 25, 2013 (gmt 0)
You're ahead of me Ms. Lucy :)
Wondering if mod_rewrite recognizes formatting like this?
2605:de00::/32
Wary of experimenting, my htaccess file is like a plate spinning on a pole.
lucy24
10:46 am on Oct 25, 2013 (gmt 0)
Ooh, interesting question. Didn't I read that mod_rewrite in 2.4 recognizes CIDR notation?
:: detour to apache docs ::
Yikes! Allow/Deny/Order (mod_authz-thingy) are on their way out, as of 2.4. New form is Require (not). But even 2.2 lets you use IPv6 (including ranges) in mod_authz-whatsit.
The <If> directive, added in 2.4, replaces many things that mod_rewrite has traditionally been used to do, and you should probably look there first before resorting to mod_rewrite.
:: looking irritably at host because I am mad with envy and want to start using <If> last week ::
Angonasec
4:04 pm on Oct 25, 2013 (gmt 0)
My host gets touchy if I ask about Apache 2 (still using 1.3.41) so I'm out of my depth here, already :)
I'll stick, but have fun.
lucy24
2:24 am on Oct 26, 2013 (gmt 0)
Czech robot, new to me: 31.133.13.232 from range 31.133.8.0/21 (8-15, a pretty typical size for 31)
Free lookup says Petr Kadanek, which as his name indicates is apparently a hosting company. Cursory googling suggests that there have been other offenders from the 31.133.13 neighborhood.
1.3? Ouch, ouch. My host won't say exactly what version they use, but there's a cut-and-paste function that shows which mods are installed, so I know it's 2.2.something.
:: wandering off to see if I can figure out why my brain wants to translate "Angonasec" as "He goes hunting". ::
