IP ranges used in North America, Hawaii, and Alaska?

Is there a list of all IP ranges, perhaps with masking, used in
North America, Hawaii, and Alaska? Might it be better to just
allow those networks rather than hassle with blocking the rest
of the globe?

Thanks

On Sun, 18 Dec 2005 14:38:07 -0500, Alan Jones <(E-Mail Removed)> wrote:

>
> Is there a list of all IP ranges, perhaps with masking, used in
> North America, Hawaii, and Alaska? Might it be better to just
> allow those networks rather than hassle with blocking the rest
> of the globe?

Check tha ARIN website. I'm pretty sure I saw the list of
all blocks there once. http://www.arin.net/

I think you are trying to do the same thing I am working on. I have come to
the same conclusion. The company that I work for does not do business
outside the USA but we get pounded with SPAM and hacking attempts outside
the USA. I found the following page that defines the North American IP
address ranges: http://www.arin.net/reference/ip_blocks.html#ipv4 .

For a test, for about a week, I have blocked all traffic into our routers
from Asia Pacific. I found those IP address ranges at:
http://www.apnic.net/db/ranges.html . It was amazing how much less SPAM we
received by just blocking those ranges.

My question is, how can I use iptables to define the list of ARIN IP
addresses as a whitelist? I have in mind something like:
iptables -A mybasicfilter -s ! $ARIN -j notallowed
I'm not sure how to define multiple ip ranges for the preceeding example.

If anyone has any ideas on how to implement this, I would appreciate it.

Thanks,

Rod


"Alan Jones" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> Is there a list of all IP ranges, perhaps with masking, used in
> North America, Hawaii, and Alaska? Might it be better to just
> allow those networks rather than hassle with blocking the rest
> of the globe?
>
> Thanks

On Sun, 18 Dec 2005 14:38:07 -0500, Alan Jones <(E-Mail Removed)>
wrote:

>
>Is there a list of all IP ranges, perhaps with masking, used in
>North America, Hawaii, and Alaska? Might it be better to just
>allow those networks rather than hassle with blocking the rest
>of the globe?
>
>Thanks

I suggest you try this. It is not 100% accurate, but it is certainly
better than IANA and it gets updated every day.

http://ip.ludost.net/

--
buck

On Mon, 19 Dec 2005 15:53:18 -0600, "Rod"
<(E-Mail Removed)> wrote:

>I think you are trying to do the same thing I am working on. I have come to
>the same conclusion. The company that I work for does not do business
>outside the USA but we get pounded with SPAM and hacking attempts outside
>the USA.

Indeed. I think working it from the 'allow' direction is more
productive than from the commonly accepted 'deny' approach.

>I found the following page that defines the North American IP
>address ranges: http://www.arin.net/reference/ip_blocks.html#ipv4 .

There ya go, right to the exact page I needed. Yesterday, I found
this page... http://www.iana.org/assignments/ipv4-address-space

It lists some other domestic networks I went ahead and allowed.

>For a test, for about a week, I have blocked all traffic into our routers
>from Asia Pacific. I found those IP address ranges at:
>http://www.apnic.net/db/ranges.html . It was amazing how much less SPAM we
>received by just blocking those ranges.

Indeed.

>My question is, how can I use iptables to define the list of ARIN IP
>addresses as a whitelist? I have in mind something like:
>iptables -A mybasicfilter -s ! $ARIN -j notallowed
>I'm not sure how to define multiple ip ranges for the preceeding example.

I use APF firewall, which is basically a very easy to use front-end
for iptables... http://www.rfxnetworks.com/apf.php

After you install it and are familiar with it, I would be glad to
explain how I use it to allow only limited access to ports 22, 25,
and 8443 (Plesk). The process involves just two files; 'conf.apf'
and 'allow_hosts.rules'.

>If anyone has any ideas on how to implement this, I would appreciate it.
>
>Thanks,
>
>Rod
>
>
>"Alan Jones" <(E-Mail Removed)> wrote in message
>news:(E-Mail Removed).. .
>>
>> Is there a list of all IP ranges, perhaps with masking, used in
>> North America, Hawaii, and Alaska? Might it be better to just
>> allow those networks rather than hassle with blocking the rest
>> of the globe?
>>
>> Thanks

Thanks.

On Mon, 19 Dec 2005 15:05:27 -0500, "Joe Beanfish" <(E-Mail Removed)>
wrote:

>Check tha ARIN website. I'm pretty sure I saw the list of
>all blocks there once. http://www.arin.net/

Thanks, that's a very interesting page. It'll take me a bit to
figure it out.

On Mon, 19 Dec 2005 14:13:45 -0800, buck <(E-Mail Removed)> wrote:

>I suggest you try this. It is not 100% accurate, but it is certainly
>better than IANA and it gets updated every day.
>
>http://ip.ludost.net/

On Mon, 19 Dec 2005 19:40:07 -0500, Alan Jones <(E-Mail Removed)> wrote:

>
> Thanks.
>
> On Mon, 19 Dec 2005 15:05:27 -0500, "Joe Beanfish" <(E-Mail Removed)>
> wrote:
>
>> Check tha ARIN website. I'm pretty sure I saw the list of
>> all blocks there once. http://www.arin.net/
>
>


Other followups to this refreshed my memory. What I saw was at iana.org
http://www.iana.org/assignments/ipv4-address-space