Where can I find a list of IP addresses of hosting providers?

spam ip-address shared-hosting
8,311

Solution 1

At some level, every IP block is announced with a source BGP AS number. You can download full tables from http://www.ripe.net/data-tools/stats/ris/ris-raw-data.

AS Names are available from http://bgp.potaroo.net/cidr/autnums.html.

Match the IP to the most recent source number (keep those raw data tables updated somewhat regularly) and match the source number to the names table.

Solution 2

Blocking all hosting providers is both slow and pointless. Instead you should do two things:

  • Devise a way to identify spammers that hit your app. Say via captcha or hashcash.
  • Log those attempts to syslog.
  • Use fail2ban on your server to parse the log file and block those spam bots.

For example there is a guide on how to stop bots from brute forcing WordPress logins:

http://abdussamad.com/archives/616-Stop-Brute-Force-WordPress-Login-Attempts-with-Fail2Ban.html

Share:
8,311

Related videos on Youtube

esilver
Author by

esilver

My app: http://www.scruff.com

Updated on September 18, 2022

Comments

  • esilver
    esilver almost 2 years

    I am attempting to fend off a spam attack against a web api I run and would like to obtain a list of IP addresses of public web hosting providers from which spammers are launching their attacks. I'm talking about sites like bluehost, rackspace, hostgator, godaddy, Amazon AWS, etc etc. My customers are never accessing me from IP addys at these services, and instead access me via things like DSL, cable, and mobile phone networks.

    I looked at Spamhaus but from what I could ascertain that was about email.

    Thanks!

    • mfinni
      mfinni over 11 years
      This will break if your customers ever start using scripts (to hit your site) that run from IPs in that space. If any of your customers starts using AWS or the RackSpace cloud provider, for example, you'll be blocking them.
  • esilver
    esilver over 11 years
    That is a great idea -- what I really need then is a third file that says which of those AS names are web hosts. I would absolutely pay money for such a list...any ideas where I can get that?
  • loislo
    loislo over 11 years
    I don't know about a list of hosting AS systems, but I'd start with some regular expressions (/hosting/ seems to cut out a lot) and adding in some regular ones yourself. Just call a isSpamAS(number) script and add any systems you never want to see as you go.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Flutter: Get local IP address on Android
Accessing HTTP server from any network Flutter
Change IP address in selenium
Find closest IP
phpmailer, php, header, email goes to spam
Send email using Nodemailer with GoDaddy hosted email
Accessing IP Address with NSHost
can't connect to MySQL database using external ip address
PermError SPF Permanent Error: Too many DNS lookup
Displaying laravel stored images on shared hosting