Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
ACCount37 8 hours ago

Good. GeoIP should be dead, and "IP reputation" should be meaningless garbage.

observationist 7 hours ago | parent | next [-]

IP Reputation is only as meaningful as the duration of ownership. If it's the same owner for years, then reputation is meaningful, and that should count; if it changes hands every 6 hours being assigned to VPS clients or whatnot, then make the reputation stick to the /24 owner, and so on, with varying degrees of scope and duration, so that the responsible party - the shady companies renting their IPs to bad people - actually have their reputations stick. Then block the /24 or larger subnets, or aggressively block all ranges owned by the company, isolating them and their clients, good and bad.

That sort of pressure can work. But then you risk brigading and activist fueled social media mobs and that's definitely no way to run the internet.

gzread 5 hours ago | parent | next [-]

What's the purpose of blocking them, anyway? Is it to make you feel good? To clean up logs? To reduce spam? With the residential proxy industry - which, I note, is directly boosted by such blocking practices and funnels money into organized crime - IPs don't mean a whole lot to those who can pay.

BLKNSLVR 7 hours ago | parent | prev [-]

100% agree with your point regarding long term ownership allowing for meaningful reputation.

I don't necessarily think that's 'no way to run the internet' or even 'no way to run anything', in that people can choose to whom they listen in regards to blocking, protesting, boycotting.

As long as none of the different groups of opinions are forced on anyone else, then pick and choose those you apply and those you ignore.

With my lists of blocking, I classify them, personally, into different tiers such as Basic, Recommended, Aggressive, and Paranoid when I apply the rules to other people's (family) setups - I'm the only one that uses Paranoid.

paulddraper 6 hours ago | parent | prev [-]

How do you protect against DDoS?

6 hours ago | parent | next [-]
[deleted]
gzread 4 hours ago | parent | prev [-]

Temporary blocks if and when you are actually being DDoSed, presumably?

johncolanduoni 3 hours ago | parent [-]

Large DDoS botnets will have hundreds of thousands of return-path-capable IP addresses. Your temporary blocks will have to be very sensitive (i.e. trigger on a relatively small number of requests within the time window) for an application-level DDoS to be usefully mitigated.