amazonaws
Rodney W. Grimes
freebsd-rwg at gndrsh.dnsmgr.net
Fri Aug 9 16:48:45 UTC 2019
> On Tue, 6 Aug 2019 18:42:29 -0700
> Michael Sierchio <kudzu at tenebras.com> wrote:
>
> > On Tue, Aug 6, 2019 at 6:23 PM Rodney W. Grimes <
> > freebsd-rwg at gndrsh.dnsmgr.net> wrote:
> >
> > > > Hi!
> > > >
> > > > Is it possible to bl;ock compute.amazonasws.com with ipfw
> > > > firewall. I have a table with many amazonasws IPs but every time
> > > > when I start Firefox it shows the new one (I am checkong with
> > > > tcpdump).
> > >
> > > Since it is almost impossible to keep up with the IP's....
> > >
> >
> > This is not even remotely true.
> >
> > https://ip-ranges.amazonaws.com/ip-ranges.json
> >
> > is kept up-to-date, and you can subscribe to an SNS topic to be
> > notified of changes:
> >
> > arn:aws:sns:us-east-1:806199016981:AmazonIpSpaceChanged
> >
> >
> >
> > You could put the entire contents, or a portion of it, in an ipfw
> > table and swap tables atomically upon change.
> >
>
> I did try but there are not just compute.amazonasws.com as Rodney W.
> Grimesand wrote and with all blockings come more problems.
This is a spammer, scrapper, abuser, probably the only effective
means of controlling some of it is use of RBL or other blacklists.
Another would be amazon security should be prodded into
taking trademark issue, but the most that could happen
there is the domain name revoked, and the spammer just
goes on to another high profile domain name like
microsaft.com
# host microsaft.com
microsaft.com has address 93.191.156.32
microsaft.com mail is handled by 10 mx.unoeuro.com.
Welcome to the free world of anyone can be an abuser :-(
--
Rod Grimes rgrimes at freebsd.org
More information about the freebsd-ipfw
mailing list