←back to thread

Ban me at the IP level if you don't like me

(boston.conman.org)
597 points classichasclass | 1 comments | 25 Aug 25 04:23 UTC | HN request time: 0s | source
Show context
lwansbrough ◴[25 Aug 25 05:55 UTC] No.45010657[source]
We solved a lot of our problems by blocking all Chinese ASNs. Admittedly, not the friendliest solution, but there were so many issues originating from Chinese clients that it was easier to just ban the entire country.

It's not like we can capitalize on commerce in China anyway, so I think it's a fairly pragmatic approach.

replies(6): >>45010748 #>>45010787 #>>45010871 #>>45011590 #>>45011656 #>>45011732 #
sugarpimpdorsey ◴[25 Aug 25 06:18 UTC] No.45010787[source]
There's some weird ones you'd never think of that originate an inordinate amount of bad traffic. Like Seychelles. A tiny little island nation in the middle of the ocean inhabited by... bots apparently? Cyprus is another one.

Re: China, their cloud services seem to stretch to Singapore and beyond. I had to blacklist all of Alibaba Cloud and Tencent and the ASNs stretched well beyond PRC borders.

replies(5): >>45010898 #>>45010946 #>>45011282 #>>45011573 #>>45014393 #
1. ectospheno ◴[25 Aug 25 14:42 UTC] No.45014393[source]
If you IP block all of China then run a resolver the logs will quickly fill with innocuous domains with NS entries that are blocked. Add those to a dns block list then add their ASN to your company IP block list. Amazing how traffic you don’t want plummets.