Peter Müller [Sun, 13 Dec 2020 12:44:54 +0000 (12:44 +0000)]
override-{a[1, 3}, other}: add overrides for Akamai and some AP-based IP hijackers
Those came to my attention last night... These two "Cloud Innovation
Ltd." networks are especially interesting, since they strongly suggest
to be hijacked or stolen from AFRINIC for the sole purpose to be routed
by various dirty networks worldwide. Some of them host a decent amount
of phishing and C&Cs, while others seem to be used as proxy
infrastructure by miscreants, which is why an A1 flag seems to be
justified from my point of view.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Mon, 16 Nov 2020 15:58:31 +0000 (16:58 +0100)]
override-{a[1-3],other}: regular batch of various overrides
Since the "Asline" IP hijacking gang tampers with RIR data, probably to
evade location based firewall rules, their Autonomous Systems were
pinned to the AP region (the given Hong Kong contact address seems to be
bogus for at least one /16 stolen AFRINIC chunk) for safety reasons.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Mon, 16 Nov 2020 17:51:26 +0000 (18:51 +0100)]
countries: treat Cyprus as being part of the European area
While this country is politically split, it's IP space is maintained by
RIPE, which is why we have to tag it as "EU" rather than "AS" to ensure
ipinfo.cgi asking the right WHOIS servers.
Fixes: #12524 Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Fri, 30 Oct 2020 11:55:48 +0000 (12:55 +0100)]
overrides/override-{a{1,3},other}: add overrides for obviously bogus countries
Some people seem to think it is clever to locate their networks on
unpopulated islands somewhere in the Atlantic Ocean (I think about
rejecting or flagging those networks entirely), while others have
registered letterboxes companies on St. Kitts and Nevis, the Seychelles,
or elsewhere.
While I personally consider this to be a good idea if you are in need of
additional privacy, it would be nice if they could at least put in a
country that makes sense - let it be EU or AP if they do not want to be
tracked down further, I don't care. But BV is definitely not helping. :-/
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 15 Oct 2020 15:25:00 +0000 (15:25 +0000)]
Add overrides for RFC1918
Because of RIPE (or somebody else) adding 192.168.0.0/15, we are
classifying those addresses as EU. This renders whole networks
inaccessible and therefore we are adding those networks with a
faked country until we find a better solution.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sat, 19 Sep 2020 20:39:36 +0000 (20:39 +0000)]
overrides/override-{a1,other}.txt: weekly batch of override updates
Overrides have been handed in as more or less atomic changes with
separate patches or patchsets. Given the volatility of those, this
approach does not seem to be worth the effort any more, which is why
this patch introduces weekly (?) batching of those changes in one big
patch.
The contents of overrides have been researched with caution, sometimes
even exhaustively, which is why they are considered to be safe to be
applied en bloc.
Cc: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
projects / location / location-database.git / log
