ISP’s DYNA IP’s, blocking port 25

As another large infection spreads across the ‘Internet of Things’, it is time to ask the question again, why aren’t ISP’s and Telco’s routinely blocking outbound connections from their dynamic IP Space to port 25.

Not that most spam protections don’t already identify those, but it does add a lot of overhead to the servers and internet that doesn’t need to occur. Right now the latest viral bot is sending messages with the subject of ‘Hi my friend!’, but we also see a lot of dictionary attacks as well.

Just to give you an idea, let’s look at a typical server who got attacked by 3000 or so IP(s) all on dynamic ranges. We know they are not email servers, but think of the damage that not only these 3000 IP(s), but all the other IP(s) in the same ranges, as tomorrow the IP(s) might change (dynamic).

Looking at the list below, it is very clear that the internet would be a better place if the following ISP’s all blocked outbound connections to port 25 at their borders from their dynamic ranges.

vodafonedsl.it
forthnet.gr
optinet.bg
softphone.blizoo.bg
access.hol.gr
dhcp-dynamic.FibreOP.nl.bellaliant.net
rochester.res.rr.com
pools.vodafone-ip.de
service.infuturo.it
ppp-137-4.15-151.iol.it
ppp-196-21.20-151.libero.it
adsl-ull-219-12.40-151.net24.it
97e094b0.skybroadband.com
dynamic.ip.windstream.net
wsip-174-77-228-192.ga.at.cox.net
192.Red-176-84-95.dynamicIP.rima-tde.net
dsl.brasiltelecom.net.br
dsl.telesp.net.br
dynamic.adsl.gvt.net.br
customer-GDL-114-88.megared.net.mx
dyn.cableonline.com.mx
dynamic.kabel-deutschland.de
pools.arcor-ip.net
dynamic.sbb.rs
dynamic.hispeed.ch
dynamic.upc.nl
dynamic.t-mobile.pl
dialup.adsl.anteldata.net.uy
user.veloxzone.com.br
dynamic.kbronet.com.tw
speedy.com.ar
fibertel.com.ar
telecentro-reversos.com.ar
Dynamic-IP-1815009391.cable.net.co
adsl-181-128-43-249.une.net.co
pool-4-123-124-181.telecel.com.py
baf.movistar.cl
dyn.centurytel.net
genericrev.cantv.net
dyn.prod-infinitum.com.mx
dyn.cableonline.com.mx
dynamic.jazztel.es
dyn.prod-infinitum.com.mx
dynamic.isadsl.co.za
pppoe-dynamic.High-Speed.nb.bellaliant.net
pD9510D6F.dip0.t-ipconnect.de
dynamic.hinet.net
dyn.telefonica.de
ppp005054020052.access.hol.gr
dyn.user.ono.com
pool.mediaWays.net

We can of course go on and on, but given the ‘Internet of Things’, where every smart fridge, stove, TV is a potential target for virus’s, we can see where this is leading.

This entry was posted in Uncategorized and tagged , , , , . Bookmark the permalink.

Leave a Reply