[c-nsp] Efficient way to block spammer networks?
Jeff Chan
cisco-nsp at jeffchan.com
Mon Apr 25 14:38:56 EDT 2005
The following ASN is apparently owned or controlled by Alan
Ralsky and/or other major spammers:
>sh ip bgp regex 33407$
BGP table version is 367561, local router ID is ___
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 204.13.16.0/21 144.228.52.181 10 0 1239 701 33407 i
*> 12.118.243.165 9 0 7018 701 33407 i
* 207.244.52.0/22 144.228.52.181 10 0 1239 701 33407 i
*> 12.118.243.165 9 0 7018 701 33407 i
* 207.244.56.0/22 144.228.52.181 10 0 1239 701 33407 i
*> 12.118.243.165 9 0 7018 701 33407 i
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL25586
> OrgName: Web Presence, Inc.
> OrgID: WEBPR-2
> Address: 7065 West ann road
> Address: Suite 130-125
> City: Las Vegas
> StateProv: NV
> PostalCode: 89130
> Country: US
>
> NetRange: 204.13.16.0 - 204.13.23.255
> CIDR: 204.13.16.0/21
> NetName: WEPPR-NET
> NetHandle: NET-204-13-16-0-1
> Parent: NET-204-0-0-0-0
> NetType: Direct Allocation
> NameServer: NS1.JRIAD.INFO
> NameServer: NS2.JRIAD.INFO
> Comment:
> RegDate: 2005-04-01
> Updated: 2005-04-08
>
> OrgTechHandle: VAL-ARIN
> OrgTechName: Allan, Victor
> OrgTechPhone: +1-877-935-1974
> OrgTechEmail: victorallan at web4presence.com
What's the most efficient/preferred way to stop their traffic at
the edge of our network? Static route to null0? Filter their
AS? ACL their prefixes?
Jeff C.
--
Jeff Chan
mailto:cisco-nsp at jeffchan.com
http://www.supranet.net/
More information about the cisco-nsp
mailing list