Tag Archives: IP Adress

My blacklist of IP addresses

blacklist
Image by LaNotizia licensed under Creative Commons Attribution 2.0 Generic Licence

I monitor few websites for friends and had to configure security modules in order to prevent brute force attacks and breaches in the admin interface of the website. For CMS like WordPress and Drupal there are some good security modules like iThemesSecurity, Security Review and Login Security. These modules improve the security of a website by limiting the number of failed login attempts and blocking the suspicious IP address.

Over time I collected a list of  backlisted IP addresses which  I share here. One thing I learnt is that attacks can come from anywhere. I believe that some of these IP addresses belong to a botnet of compromised computers as I could trace their coordinates to some very well-known locations in the world.

Here below is the table of blacklisted IP addresses. The same list is in this CSV file. The data is courtesy of MaxMind and the list was last updated on 16th April 2016.

IP Address Country Code Location Postal Code Coordinates ISP Domain
46.20.12.30 TR Bursa,
Bursa,
Turkey,
Asia
16245 40.2719,
29.0983
Dgn Teknoloji Bilisim Yayincilik Sanayi Ve Limited ttnetdc.com
203.130.196.150 ID Jakarta,
Daerah Khusus Ibukota Jakarta,
Indonesia,
Asia
-6.1744,
106.8294
Pt Telekomunikasi Indonesia
109.195.228.208 RU Rostov-on-Don,
Rostov,
Russia,
Europe
344000 47.2364,
39.7139
JSC ER-Telecom Holding ertelecom.ru
66.91.141.42 US Honolulu,
Hawaii,
United States,
North America
96805 21.3069,
-157.8583
Time Warner Cable rr.com
185.53.78.144 UA Ukraine,
Europe
50.45,
30.5233
LLC Gigatel rv.ua
91.200.12.11 UA Ukraine,
Europe
50.45,
30.5233
PP SKS-Lugan
37.59.56.6 FR France,
Europe
48.86,
2.35
OVH SAS ovh.net
37.252.102.136 ES Basque Country,
Spain,
Europe
43.2609,
-2.9388
Xtudio Networks S.l.u
207.244.68.152 US Manassas,
Virginia,
United States,
North America
20109 38.7932,
-77.5366
Leaseweb USA
67.43.10.129 US Lansing,
Michigan,
United States,
North America
48917 42.7257,
-84.636
Liquid Web
193.201.224.40 UA Serhiyi,
Chernivtsi,
Ukraine,
Europe
47.9752,
25.1286
PE Tetyana Mysyk
86.123.247.64 RO Lugoj,
Judetul Timis,
Romania,
Europe
305500 45.6886,
21.9031
RCS & RDS
174.136.57.228 US St Louis,
Missouri,
United States,
North America
63131 38.6143,
-90.4444
Colo4, LLC
95.140.36.2 HU Budapest,
Budapest fovaros,
Hungary,
Europe
1012 47.5,
19.0833
Szervernet szervernet.hu
217.9.126.231 DE Germany,
Europe
51,
9
Versatel Deutschland
162.144.66.10 US Provo,
Utah,
United States,
North America
84606 40.2181,
-111.6133
Unified Layer unifiedlayer.com
52.90.51.76 US Ashburn,
Virginia,
United States,
North America
20147 39.0335,
-77.4838
Amazon Technologies
88.120.254.31 RU Russia,
Europe
55.75,
37.6166
JSC ISPsystem
166.63.124.122 US Columbus,
Ohio,
United States,
North America
43228 39.9649,
-83.1383
Ecommerce Corporation cloudix.com
71.43.100.242 US Orlando,
Florida,
United States,
North America
32810 28.6185,
-81.4336
Time Warner Cable rr.com
213.163.66.101 NL Netherlands,
Europe
52.3667,
4.9
i3d B.V. i3d.net
82.76.87.154 RO Lugoj,
Judetul Timis,
Romania,
Europe
305500 45.6886,
21.9031
RCS & RDS rdsnet.ro
80.13.94.242 FR France,
Europe
48.86,
2.35
Orange wanadoo.fr
149.255.37.187 NL Netherlands,
Europe
52.3667,
4.9
Swiftway Sp. z o.o. swiftway.net
173.254.61.236 US Provo,
Utah,
United States,
North America
84606 40.2181,
-111.6133
Unified Layer unifiedlayer.com
72.55.186.26 CA Montreal,
Quebec,
Canada,
North America
H3G 45.4987,
-73.5793
iWeb Technologies panelboxmanager.com
192.185.82.205 US Houston,
Texas,
United States,
North America
77092 29.8301,
-95.4739
Websitewelcome.com websitewelcome.com
194.28.172.219 UA Ukraine,
Europe
50.45,
30.5233
ON-LINE besthosting.ua
62.219.197.147 IL Nazareth,
Northern District,
Israel,
Asia
32.7036,
35.2956
Bezeq International bezeqint.net
6.20.160.53 FR Gueret,
Creuse,
Limousin,
France,
Europe
23000 46.2667,
1.8667
Adista SAS
198.57.247.139 US Provo,
Utah,
United States,
North America
84606 40.2181,
-111.6133
Unified Layer unifiedlayer.com
74.220.207.109 US Provo,
Utah,
United States,
North America
84606 40.2181,
-111.6133
Unified Layer hostmonster.com
46.216.4.146 BY Minsk,
Minsk,
Belarus,
Europe
53.9,
27.5667
Mobile TeleSystems JLLC
184.68.101.154 CA Calgary,
Alberta,
Canada,
North America
T3R 51.2021,
-114.2453
Shaw Communications
103.30.12.10 IN India,
Asia
20,
77
Surendra Informatics
79.116.28.250 RO Lugoj,
Judetul Timis,
Romania,
Europe
305500 45.6886,
21.9031
RCS & RDS rdsnet.ro
188.65.115.90 GB United Kingdom,
Europe
51.5,
-0.13
UK Webhosting
92.85.171.200 RO Timişoara,
Judetul Timis,
Romania,
Europe
45.7494,
21.2272
Telekom Romania Communication S.A
148.251.0.166 DE Germany,
Europe
51,
9
Hetzner Online GmbH r-99.com
23.101.213.136 AU Sydney,
New South Wales,
Australia,
Oceania
1001 -33.8678,
151.2073
Microsoft Corporation, Microsoft Azure
5.101.138.91 GB Rugby,
Warwickshire,
England,
United Kingdom,
Europe
CV21 52.3913,
-1.2866
UK Dedicated Servers Limited ukservers.com
61.25.200.204 JP Japan,
Asia
35.69,
139.69
@Home Network Japan home.ne.jp
71.165.35.215 US Baldwin Park,
California,
United States,
North America
91706 34.0964,
-117.9668
Verizon Internet Services verizon.net
87.106.129.221 DE Germany,
Europe
51,
9
1&1 Internet AG
193.111.140.181 DE Dusseldorf,
North Rhine-Westphalia,
Germany,
Europe
40472 51.2686,
6.81
myLoc managed IT AG fastwebserver.de
193.111.140.181 DE Dusseldorf,
North Rhine-Westphalia,
Germany,
Europe
40472 51.2686,
6.81
myLoc managed IT AG fastwebserver.de
24.38.19.220 US Denville,
New Jersey,
United States,
North America
7834 40.8841,
-74.4863
Optimum Online, Denville Township School lightpath.net
64.235.39.67 US Las Vegas,
Nevada,
United States,
North America
89141 35.9781,
-115.2117
Las Vegas NV Datacenter lasvegas-nv-datacenter.com
175.137.252.141 MY Kuala Lumpur,
Kuala Lumpur,
Malaysia,
Asia
52200 3.1553,
101.6668
Telekom Malaysia TM Net

How to map IP addresses in bash prompt

ipv4_address
Image by Indeterminate licensed under Public Domain via Commons

I regularly log into different Linux machines on the cloud and find complicated to identify on which machine I am by looking at the bash prompt. In fact, in cloud environments the bash prompt tends to  show an ugly internal IP address which I can never memorize. Plus, I always fear to log into the production environment by mistake and run experimental commands intended to be executed in the development environment.

In order to overcome my fears, I put together few lines of bash code to be added at the beginning of ~/.bashrc:

Line 2 retrieves the IP address from an external web service and map it to myip. Lines 5-14 modify the bash prompt (PS1) based on the value of myip and each IP address (e.g. 1.2.34.567) is mapped to a string appearing in the prompt (e.g. DEV).

Reference: http://unix.stackexchange.com/questions/22615/how-can-i-get-my-external-ip-address-in-bash