Block/Allow List for IP Blockers Assembly

I want to create a community-oriented block and allow list for IP blockers similar to PeerBlock. I still use PeerBlock, and it comes in handy with a VPN connection for security; it is even good for monitoring other people's computers for unwanted traffic (malware). There are basic ways of blocking entire countries and ISPs, and there are various others found at iblocklist.com. I wish to create our own service free of charge, unlike iblocklist's subscription. We can get everything from there and repackage it here.

With my PeerBlock lists I have close to 200 different ones. And the thing is that really shouldn't be the case; more than likely most of the IPs are repeated throughout the lists I have. I have blocked all countries excluding the US, which is odd because TekSyndicate is linking me to the EU, so I whitelisted an EU IP to access TekSyndicate.

What is going to be a problem is monitoring specific IPs and choosing what is generally safe. Like us creating a library of all the domains commonly used and adding their IPs to the allow list. This is not something that is really easy to do for most people. Sure, you can allow TCP specifically, but let's create a good whitelist and blacklist? Who is willing to collaborate with me on this project?

There are rather big problems with blocking IPs, especially since web hosting datacenters protect themselves with Akamai and a myriad of other services. Some of the bad folks use them as well, and this is where the pain starts.

Services like Akamai use something like a squid (flat publish) over load-balanced DNS. So each time you request, you're pointing to a different IP within their block ~ their network will resolve, through a header they got from DNS, where you want to go with your session ID, so SQL can keep your session alive. This means if we block some bad site using those services (and the list is big), it could mean that we didn't block their IPs and/or we cannot access something good because of this.

There was this nice software called BlackICE (then bought by IBM and closed down ~ migrated to some other black arts project). It had this nice feature: it would query the user, if selected, on specific ranges to allow it or not.

Thus if we wanted to access a site, let's say Newegg, but on the same DDoS protection service was sitting some ad track fcker, we would only be exposed for some time instead of not being able to access it at all or being exposed to it all the time...

This means you would need to build a shell script or a small .NET application for Windows. Still, Windows most likely will find a way by... and this isn't something we should allow. If we don't control the system, we should set it outside of the system (between the PC and the modem).

Still:
Step 1
Block China
Step 2
Block Russia
Step 3
Block Mexico

:)

1 Like
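
An added example, not written by either poster: one way to handle the overlap problem raised in the thread (IPs repeated across many lists, and an allow list that must win over a block range sharing the same address space). It assumes lists in a PeerBlock-style `label:start-end` text format, IPv4 only; the sample lists are constructed and use documentation address ranges.

```python
import ipaddress

# Constructed sample lists in "label:start-end" form (documentation ranges only).
LIST_A = "Example ISP:198.51.100.0-198.51.100.255\nExample host:203.0.113.10-203.0.113.20\n"
LIST_B = "Example ISP again:198.51.100.128-198.51.101.255\nExample host again:203.0.113.15-203.0.113.40\n"
ALLOW = "Allowed site:203.0.113.18-203.0.113.18\n"

def parse_ranges(text):
    """Yield (start, end) as integers from 'label:start-end' lines (IPv4 only)."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        start, _, end = line.rpartition(":")[2].partition("-")  # labels may contain ':'
        lo = int(ipaddress.IPv4Address(start.strip()))
        hi = int(ipaddress.IPv4Address(end.strip()))
        if lo > hi:
            raise ValueError(f"reversed range: {line!r}")
        yield lo, hi

def merge(ranges):
    """Collapse duplicate, overlapping and adjacent ranges into a sorted list."""
    out = []
    for lo, hi in sorted(ranges):
        if out and lo <= out[-1][1] + 1:
            out[-1][1] = max(out[-1][1], hi)
        else:
            out.append([lo, hi])
    return [tuple(r) for r in out]

def subtract(block, allow):
    """Cut every allow range out of the block ranges (both already merged)."""
    result = []
    for lo, hi in block:
        for a_lo, a_hi in allow:
            if a_hi < lo or a_lo > hi:
                continue                      # no overlap with this block range
            if a_lo > lo:
                result.append((lo, a_lo - 1))  # keep the part below the allowed span
            lo = a_hi + 1                      # resume just past the allowed span
        if lo <= hi:
            result.append((lo, hi))
    return result

def build(block_texts, allow_texts):
    block = merge(r for t in block_texts for r in parse_ranges(t))
    allow = merge(r for t in allow_texts for r in parse_ranges(t))
    fmt = ipaddress.IPv4Address
    return [f"{fmt(lo)}-{fmt(hi)}" for lo, hi in subtract(block, allow)]
```

Four overlapping block entries collapse to two ranges, and the single allowed address splits one of them so the rest of that shared range stays blocked.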