blog/2006-12-29
海外からのアクセスをブロックした
やたらと、英文のアドレスを貼り付ける。それがコンテンツと何ら関わりのあるものならまだいいが、大半が無関係(RMTやExplositあたりのスパムとかありそうだが、現在までに確認しているものはEventWikiで4件被害があった程度)で、特にアダルト系だった日には殺意すら沸く。
一般的には、中国、韓国、インドからのスパム報告が多いらしいが、このサイトで滅多に見かけることはなく、大半がRIPE(ヨーロッパ)およびアメリカ発である。
まず、国内のホストを許可。ちなみに、133で始まるのは教育機関ね。
<LimitExcept GET HEAD> order deny,allow deny from all allow from .jp allow from .bbtec.net # .jp ではないが、Yahoo BB は許可しよう allow from .il24.net # .jp ではないが、Interlink は許可しよう allow from 133.0.0.0/133.255.255.255 allow from 192.50.0.0/192.50.255.255 allow from 192.218.0.0/192.218.255.255 allow from 192.244.0.0/192.244.255.255 allow from 202.11.0.0/202.11.255.255 allow from 202.13.0.0/202.13.255.255 allow from 202.15.0.0/202.19.255.255 allow from 202.23.0.0/202.26.255.255 allow from 202.32.0.0/202.35.255.255 allow from 202.48.0.0/202.48.255.255 allow from 202.208.0.0/202.255.255.255 allow from 203.136.0.0/203.141.255.255 allow from 203.178.0.0/203.183.255.255 allow from 210.128.0.0/210.159.255.255 allow from 210.160.0.0/210.175.255.255 allow from 210.188.0.0/210.191.255.255 allow from 210.196.0.0/210.199.255.255 allow from 210.224.0.0/210.239.255.255 allow from 210.248.0.0/210.255.255.255 allow from 211.0.0.0/211.7.255.255 allow from 211.8.0.0/211.19.255.255 allow from 211.120.0.0/211.135.255.255 allow from 218.40.0.0/218.47.255.255 allow from 218.110.0.0/218.110.255.255 allow from 218.216.0.0/218.231.255.255 allow from 219.96.0.0/219.127.255.255 allow from 219.160.0.0/219.165.255.255 allow from 219.166.0.0/219.167.255.255 allow from 220.96.0.0/220.99.255.255 allow from 220.104.0.0/220.111.255.255 allow from 220.144.0.0/220.145.255.255 allow from 220.208.0.0/220.223.255.255 allow from 221.112.0.0/221.119.255.255 allow from 61.112.0.0/61.127.255.255 allow from 61.192.0.0/61.199.255.255 allow from 61.200.0.0/61.215.255.255 </limt>
それでも英文スパムは収まらない。で、とりあえず現在までの国賊スパムホスト。
deny from 203.180.82.150 # catv082-150.lan-do.ne.jp deny from 210.141.38.41 # aic-adsl-341.enjoy.ne.jp deny from 210.236.72.60 # d-210-236-72-060.d-cable.katch.ne.jp deny from 218.110.37.15 # p6e250f.osaknt01.ap.so-net.ne.jp deny from 218.123.142.130 # softbank218123142130.bbtec.net deny from 218.123.220.81 # softbank218123220081.bbtec.net deny from 218.125.90.27 # softbank218125090027.bbtec.net deny from 218.135.68.67 # softbank218135068067.bbtec.net deny from 218.181.248.18 # softbank218181248018.bbtec.net deny from 218.219.147.225 # gw3.kbmj.jp deny from 218.225.206.180 # usr050.pial096-01.wpe.im.wakwak.ne.jp deny from 219.117.173.123 # cr3-173-123.seaple.icc.ne.jp deny from 219.214.212.146 # softbank219214212146.bbtec.net deny from 219.25.28.97 # softbank219025028097.bbtec.net deny from 219.57.70.53 # softbank219057070053.bbtec.net deny from 219.75.248.198 # 219-75-248-198.eonet.ne.jp deny from 220.146.119.113 # ntchba097113.chba.nt.ftth.ppp.infoweb.ne.jp deny from 220.226.63.254 deny from 220.60.16.180 # softbank220060016180.bbtec.net deny from 221.186.213.203 # pc3.yaechika-unet.ocn.ne.jp deny from 221.251.60.181 # 221x251x60x181.ap221.ftth.ucom.ne.jp deny from 221.251.65.247 # 221x251x65x247.ap221.ftth.ucom.ne.jp deny from 221.32.8.222 # softbank221032008222.bbtec.net deny from 221.85.240.165 # softbank221085240165.bbtec.net deny from 222.15.127.228 # ZS127228.ppp.dion.ne.jp deny from 58.80.112.76 # 58x80x112x76.ap58.ftth.ucom.ne.jp deny from 61.24.163.134 # 61-24-163-134.rev.home.ne.jp deny from 61.46.102.33 # zaq3d2e6621.zaq.ne.jp
とくに、プロクシらしい環境変数を出してないこととなると、これらのアドレスのパソコンは、相当セキュリティ意識の甘い連中のようである。おそらく、ゾンビPCになっているのだろう。2ちゃんねるなどのBDSLのフィルタをかわしている事を考えると、実際はこれの3倍程度はゾンビPCが存在している事になるだろう。これじゃあ、Winnyでなくとも情報流失しておかしくない。
で、割とスパム報告の多いホスト(参考:Banned IP Address、CyberSyndrome)
deny from 151.196.0.0/151.205.255.255 # Verizon Internet Services Inc. deny from 195.131.143.0/195.131.154.255 # WEBPLUS-ADSL deny from 196.25.255.0/196.25.255.255 # Telkom SA Limited deny from 196.3.62.0/196.3.62.255 # Dial pool one assigned to Lagos subscribers deny from 198.54.0.0/16 # TELEKOM MALAYSIA BERHAD, deny from 198.54.202.0/198.54.202.255 # Telkom SA Ltd. deny from 201.255.0/17 # Telefonica de Argentina deny from 202.28.0.0/202.29.255.255 # UniNet(Inter-university network) deny from 202.75.32.0/202.75.63.255 # TELEKOM MALAYSIA BERHAD deny from 203.116.0.0/203.118.63.255 # 19 Taiseng Drive deny from 203.142.1.0/203.142.1.255 # Shinjiru Technology Sdn. Bhd. deny from 203.26.206.0/203.26.206.255 # Agile Communications. deny from 205.209.128.0/18 # Managed Solutions Group, Inc. deny from 209.160.0.0/209.160.79.255 # HopOne Internet Corporation (TERRIBLE SPAMER'S HOST) deny from 209.8.0.0/15 # Beyond The Network America, Inc. deny from 212.175.112.0/212.175.113.255 # Turk Telekom - National Backbone deny from 212.241.192.0/19 # Virtual Hosting VPS deny from 213.232.196.0/213.232.196.255 # Networks for Investpribor Ltd, Moscow, Russia deny from 213.240.228.0/23 # Megalan Ltd deny from 216.52.0.0/16 # Internap Network Services deny from 217.94.96.0/217.95.255.255 # Deutsche Telekom AG deny from 218.98.192.0/218.98.223.255 # Shandong Beelink Information Technology Co., Ltd. deny from 221.144.0.0/221.168.255.255 # KOREA TELECOM deny from 38.0.0.0/8 # Performance Systems International Inc. deny from 62.153.158.0/62.153.159.255 # T-Online International AG deny from 62.194.0.0/62.194.83.255 # Chello Amsterdam deny from 62.245.64.0/19 # Broadband Internet services in Prague deny from 64.62.128.0/64.62.255.255 # Hurricane Electric HURRICANE-4 deny from 64.62.163.96/64.62.163.127 # Argon Blue HURRICANE deny from 65.192.0.0/65.223.255.255 # UUNET Technologies, Inc deny from 65.222.176.96/65.222.176.127 # CYVEILLANCE UU-65-222-176-96-D6 deny from 66.36.224.0/66.36.255.255 # HopOne Internet Corporation (TERRIBLE SPAMER'S HOST) deny from 66.45.224.0/19 # Interserver, Inc deny from 67.140.0.0/67.141.255.255 # Windstream Communications Inc deny from 67.141.240.0/67.141.243.255 # Lexington Internet POP - Dynamic DSL Pool deny from 68.112.0.0/68.119.255.255 # Charter Communications CHARTER-NET-6BLK deny from 68.32.0.0/68.63.255.255 # Comcast Cable Communications, Inc. deny from 68.96.0.0/68.111.255.255 # Cox Communications Inc. [cox.com](TERRIBLE SPAMER'S HOST) deny from 69.31.0.0/69.31.143.255 # nLayer Communications, Inc.(TERRIBLE SPAMER'S HOST) deny from 71.128.0.0/71.159.255.255 # SBC Internet Services SBCIS-SIS80 deny from 71.17.0.0/71.17.255.255 # SaskTel Wide Area Network Engineering Center deny from 72.232.0.0/72.232.255.255 # Layered Technologies, Inc. [layeredtech.com](TERRIBLE SPAMER'S HOST) deny from 72.32.0.0/72.32.191.255 # Rackspace.com, Ltd. deny from 72.36.128.0/72.36.255.255 # Layered Technologies, Inc. [layeredtech.com](TERRIBLE SPAMER'S HOST) deny from 72.51.0.0/72.51.63.255 # Peer 1 Network Inc. deny from 80.1.224.0/80.1.255.255 # NTLI Network Management Centre deny from 80.128.0.0/80.146.159.255 # Deutsche Telekom AG deny from 80.128.0.0/80.146.159.255 # Deutsche Telekom AG deny from 80.58.205.0/80.58.205.255 # TELEFONICA DE ESPANA deny from 81.177.14.0/81.177.15.255 # IN-Telecom Limited - IT-service corporation deny from 81.35.0.0/81.39.255.255 # TELEFONICA DE ESPANA deny from 81.89.10.128/81.89.10.191 # ASTRAL Telecom SA deny from 81.93.97.32/81.93.97.47 # Samisk Videregaende Skole deny from 81.95.144.0/81.95.147.255 # Russian Business Network [rbnetwork.com](TERRIBLE SPAMER'S HOST) deny from 82.100.58.128/82.100.58.255 # MITON_CZ deny from 82.103.128.0/18 # EasySpeedy ApS deny from 82.146.52.0/22 # ISPsystem-US deny from 82.208.128.0/18 # Astral Telecom SA deny from 83.114.235.0/83.114.235.255 # BSSGW152 Ste Genevi钁e Bloc 2 deny from 84.108.0.0/84.108.255.255 # CABLES-CUSTOMERS-CONNECTION deny from 84.136.0.0/84.191.255.255 # Deutsche Telekom AG, Internet service provider deny from 84.94.204.0/84.94.215.255 # Golden Lines International Communication Services Ltd. deny from 85.255.112.0/85.255.127.255 # Inhoster hosting company (TERRIBLE SPAMER'S HOST) deny from 85.99.184.0/85.99.187.255 # TurkTelekom deny from 86.87.0.0/86.87.255.255 # Planet Technologies deny from 87.248.176.0/87.248.191.255 # STARNET S.R.L deny from 87.74.8.0/87.74.15.255 # Cable and Wireless Access Ltd deny from 87.98.216.0/87.98.223.255 # OVH SAS deny from 88.119.0.0/88.119.50.255 # LIETUVOS-TELEKOMAS deny from 88.153.0.0/88.153.84.255 # Bezeq International deny from 88.214.193.0/88.214.193.255 # uaonline-ipipe-193 deny from 89.136.64.0/89.136.79.255 # ASTRAL BRAILA DOCSIS
その中でもとくに、悪質なホストは以下の通り。
deny from 209.160.0.0/209.160.79.255 # HopOne Internet Corporation deny from 66.36.224.0/66.36.255.255 # HopOne Internet Corporation deny from 68.96.0.0/68.111.255.255 # Cox Communications Inc. [cox.com] deny from 72.232.0.0/72.232.255.255 # Layered Technologies, Inc. [layeredtech.com](TERRIBLE SPAMER'S HOST) deny from 72.36.128.0/72.36.255.255 # Layered Technologies, Inc. [layeredtech.com] deny from 81.95.144.0/81.95.147.255 # Russian Business Network [rbnetwork.com] deny from 82.199.102.0/82.199.103.255 # Iskratelecom CJSC deny from 85.255.112.0/85.255.127.255 # Inhoster hosting company (TERRIBLE SPAMER'S HOST)
個人的にはLayerdtechが鬱陶しい。
ついでだったから、メール収集Botも排除しておこう。
# ロリ武藤、 # (電子メール広告社/さわやか広告社/新電子メール広告社 # メール配信サービス/メールマガジン発行社/DM Transporter # ギルド田中/ユーロペイメントサービス/立川商事/三栄商事) # @kawaneba.net、@oshirase.biz deny from 210.165.106.60 # pl316.nas921.p-tokyo.nttpc.ne.jp deny from 210.165.107.106 # pl618.nas921.p-tokyo.nttpc.ne.jp deny from 210.165.127.240 # pl1264.nas925.o-tokyo.nttpc.ne.jp deny from 210.165.238.94 # pl350.nas922.p-tokyo.nttpc.ne.jp deny from 219.114.30.153 # p5153-ipad65marunouchi.tokyo.ocn.ne.jp deny from 219.114.34.177 # p1177-ipad66marunouchi.tokyo.ocn.ne.jp deny from 219.160.113.70 # p5070-ipad50marunouchi.tokyo.ocn.ne.jp deny from 220.96.30.248 # p8248-ipad67marunouchi.tokyo.ocn.ne.jp deny from 61.197.109.15 # pl783.nas923.p-tokyo.nttpc.ne.jp deny from 61.207.157.48 # p1048-ipbf205sapodori.hokkaido.ocn.ne.jp deny from 61.207.96.3 # p3003-ipbf11sapodori.hokkaido.ocn.ne.jp deny from 220.96.32.72 # p2072-ipad68marunouchi.tokyo.ocn.ne.jp # BOTS # マジックインク・インク横浜支部 deny from 219.110.42.87 # h219-110-042-087.catv01.itscom.jp # 萌えっ娘クラブ(田代誠) deny from 43.232.208.203 # 43x232x208x203.ap43.ftth.ucom.ne.jp # 合資会社イーシス [www.ii-sys.jp]? deny from 218.218.152.137 # NWTfa-03p2-137.ppp11.odn.ad.jp deny from 61.116.173.1 # NWTfa-03p5-1.ppp11.odn.ad.jp deny from 61.196.7.46 # NWTfa-02p4-46.ppp11.odn.ad.jp # シネマファンタジー deny from 218.102.0.0/218.103.255.255 # PCCW Limited #(合)橘 deny from 210.159.91.216 # 国際身元保証受託協会(全信協(全国信用身元保証協会)) deny from 43.244.93.104 # 104.93.244.43.ap.zero-isp.NET deny from 219.108.91.234 # y091234.ppp.dion.ne.jp deny from 220.97.29.135 # p4135-ipad70marunouchi.tokyo.ocn.ne.jp # 株式会社エス・アイ・エスワールド[sis-world.jp/sisdns.jp/den2.jp/bijn90.jp] deny from 220.96.35.5 # p5005-ipad68marunouchi.tokyo.ocn.ne.jp # mailserver.idv.tw deny from 61.66.59.205 # adsl-61-66-59-205.KH.sparqnet.net # 夢工房 deny from 211.126.88.96 # L088096.ppp.dion.ne.jp deny from 220.214.82.159 # ZD082159.ppp.dion.ne.jp # リーディング パートナー Co.,Ltd deny from 61.115.78.165 # maruwa6.st.wakwak.ne.jp # [email protected]/[email protected] deny from 218.134.18.101 # softbank218134018101.bbtec.net deny from 220.11.240.10 # softbank220011240010.bbtec.net
Last Modified: 2006-12-29 12:34:50