Re: [mailop] [ext] Re: *** SPAM *** Re: Massive increase in fake medication spam from AS53667 (PONEYNET)

2021-06-09 Thread Hans-Martin Mosner via mailop
On 09.06.21 at 09:34, Ralf Hildebrandt via mailop wrote:
>
> Bonus: In Postfix you can block those using check_sender_ns_access (or
> at least put them on HOLD)

Nice, I may have seen that at some time but wasn't aware of it now. That's 
certainly the easiest solution for postfix users.

Btw, if you're also pestered by the German-language spam of a certain Hungarian
spam source you might add lapdl.com, lapzip.com, laptipp.com to the list.

Cheers,
Hans-Martin


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [mailop] Malware waves from hotmail.com

2021-06-09 Thread Scott Mutter via mailop
Many thanks for the links - these would seem to accomplish the desired task.

On Sat, Jun 5, 2021 at 6:11 PM joemailop--- via mailop wrote:

> Hello Scott,
>
> Azure's IP space, updated once a week with one week lead before they go
> live -
> https://www.microsoft.com/en-us/download/details.aspx?id=56519
>
> From the looks of the json filename, it is changed after each release, so
> I wouldn't recommend re-downloading the below json file for new updates -
>
> https://download.microsoft.com/download/7/1/D/71D86715-5596-4529-9B13-DA13A5DE5B63/ServiceTags_Public_20210531.json
>
> AWS - https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html  -
> If the download URL doesn't change (doesn't seem to me that it does), you
> can go straight to https://ip-ranges.amazonaws.com/ip-ranges.json. If you
> have an AWS account, you can sign up for notifications when new subnets are
> added. (It requires using their SNS service.)
>
> GCP - https://cloud.google.com/compute/docs/faq#find_ip_range - If the
> download URL doesn't change (doesn't seem to me that it does), you can go
> straight to https://www.gstatic.com/ipranges/cloud.json
>
> -joe
>
>
> On 6/5/2021 at 7:22 AM, "Michael Peddemors via mailop" wrote:
> >
> >Sorry, bit laid up and typing with one hand, but luckily all the top
> >three publicly list their IP(s), unfortunately they do it via web URLs
> >that you need to parse instead of via say a rwhois entry.
> >
> >(some are listed at various services you can query in RBL format such as
> >RATS-AZURE)
> >
> >Some you can check via PTR naming conventions, and others you can do an
> >ASN lookup.
> >
> >don't have the URLs handy, but welcome to reach out off list.
> >
> >
> >
> >On 2021-06-04 4:08 p.m., Scott Mutter via mailop wrote:
> >> On Fri, Jun 4, 2021 at 1:24 PM Michael Peddemors via mailop wrote:
> >>
> >> With apache, you can use modsecurity quite easily, and you can block
> >> all azure (and other cloud providers ranges) from certain services like
> >> wordpress, or contact forms etc.. (you can even do dns based checks or
> >> rbldnsd) ..
> >>
> >>
> >> Are there any links for this? AFAIK mod_security is just a module - to
> >> actually do anything it requires a ruleset.  Further from that, how does
> >> it determine what is Azure and what is not?  Is it just blocking IP
> >> addresses?  Seems you'd need a list of all of the Azure IP address
> >> space.  And from what I have seen the offending IPs are all over the place:
> >>
> >> 157.55.39.138
> >> 207.46.13.5
> >> 20.83.33.136
> >> 20.94.247.9
> >> 40.124.141.27
> >> 40.124.141.27
> >> 40.124.193.244
> >> 40.76.220.206
> >>
> >> Are just a few.
> >>
> >> But if there's a way to block Azure and other cloud based services, I'd
> >> be interested in that.  But I'd suspect you'd need a list of all of
> >> their IP address spaces - is that information available somewhere?
> >>
> >>
> >
> >
> >
> >--
> >"Catch the Magic of Linux..."
> >Michael Peddemors, President/CEO LinuxMagic Inc.
> >Visit us at http://www.linuxmagic.com @linuxmagic
> >A Wizard IT Company - For More Info http://www.wizard.ca
> >"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
> >604-682-0300 Beautiful British Columbia, Canada
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
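
The three provider files linked in this thread use different JSON layouts. The following is an added example, not code from any poster, that normalises them into one CIDR index and looks up an address; the embedded samples are constructed from documentation ranges and the function names are hypothetical.

```python
import ipaddress
import json

# Constructed samples in each provider's JSON layout (documentation ranges, not real data).
SAMPLES = {
    "azure": json.loads('{"values": [{"name": "AzureCloud", "properties": '
                        '{"addressPrefixes": ["192.0.2.0/25", "2001:db8:1::/48"]}}]}'),
    "aws": json.loads('{"prefixes": [{"ip_prefix": "198.51.100.0/24"}], '
                      '"ipv6_prefixes": [{"ipv6_prefix": "2001:db8:2::/48"}]}'),
    "gcp": json.loads('{"prefixes": [{"ipv4Prefix": "203.0.113.0/26"}, '
                      '{"ipv6Prefix": "2001:db8:3::/48"}]}'),
}


def extract_prefixes(provider, doc):
    """Yield CIDR strings from one provider's published JSON layout."""
    if provider == "azure":   # values[].properties.addressPrefixes[]
        for tag in doc.get("values", []):
            yield from tag.get("properties", {}).get("addressPrefixes", [])
    elif provider == "aws":   # prefixes[].ip_prefix and ipv6_prefixes[].ipv6_prefix
        yield from (e["ip_prefix"] for e in doc.get("prefixes", []))
        yield from (e["ipv6_prefix"] for e in doc.get("ipv6_prefixes", []))
    elif provider == "gcp":   # prefixes[] entries carry ipv4Prefix or ipv6Prefix
        for e in doc.get("prefixes", []):
            yield e.get("ipv4Prefix") or e.get("ipv6Prefix") or ""


def build_index(docs):
    """Return [(network, provider)], skipping entries that are not valid CIDRs."""
    index = []
    for provider, doc in docs.items():
        for text in set(extract_prefixes(provider, doc)):
            try:
                index.append((ipaddress.ip_network(text, strict=False), provider))
            except ValueError:
                continue
    return index


def provider_of(ip_text, index):
    """Provider whose most specific prefix contains ip_text, or None."""
    ip = ipaddress.ip_address(ip_text)
    hits = [(net.prefixlen, prov) for net, prov in index
            if net.version == ip.version and ip in net]
    return max(hits)[1] if hits else None


INDEX = build_index(SAMPLES)
```

Feeding the real downloaded files to `build_index` in place of `SAMPLES` gives the same lookup over the providers' full address space.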


Re: [mailop] [ext] Re: *** SPAM *** Re: Massive increase in fake medication spam from AS53667 (PONEYNET)

2021-06-09 Thread Ralf Hildebrandt via mailop
* Scott Techlist via mailop:
> >I'm using the "registrar-servers.com" nameserver as a pretty good predictor
> >of spamminess. There are few exceptions of legitimate senders who think they
> >need such registration info protection but they can be handled by individual
> >exceptions.
> 
> Hans-Martin
> Can you elaborate on how you use it?  I'd like to implement that.

He probably checked the NS records of the domain and when they point
to DNS servers operated by registrar-servers.com:

# host -t ns doktorapotheke.nl
doktorapotheke.nl name server dns1.registrar-servers.com.
doktorapotheke.nl name server dns2.registrar-servers.com.

# host -t ns doktorpillen.de
doktorpillen.de name server dns1.registrar-servers.com.
doktorpillen.de name server dns2.registrar-servers.com.

Bonus: In Postfix you can block those using check_sender_ns_access (or
at least put them on HOLD)

Ralf Hildebrandt
Charité - Universitätsmedizin Berlin
Geschäftsbereich IT | Abteilung Netzwerk

Campus Benjamin Franklin (CBF)
Haus I | 1. OG | Raum 105
Hindenburgdamm 30 | D-12203 Berlin

Tel. +49 30 450 570 155
ralf.hildebra...@charite.de
https://www.charite.de
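
A minimal Postfix setup for the check_sender_ns_access approach described in this thread, as an added example that is not taken from any poster's configuration. The table paths, the HOLD text and the example.org exception are assumptions.

```conf
# --- /etc/postfix/main.cf ---
# Exceptions for known-good sender domains are looked up first; anything not
# listed there falls through to the nameserver check.
smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/sender_ns_exceptions
    check_sender_ns_access hash:/etc/postfix/sender_ns_access

# --- /etc/postfix/sender_ns_access ---
# Keyed by the NS host of the MAIL FROM domain. A bare parent domain also
# matches dns1./dns2. while smtpd_access_maps is listed in
# parent_domain_matches_subdomains (the default).
registrar-servers.com    HOLD sender domain uses registrar-servers.com nameservers

# --- /etc/postfix/sender_ns_exceptions (example.org is a placeholder) ---
example.org              OK

# After editing either table:
#   postmap /etc/postfix/sender_ns_access
#   postmap /etc/postfix/sender_ns_exceptions
#   postfix reload
```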