abuse@ and postmaster@ in the modern world?
david at cantrell.org.uk
Fri Nov 17 20:31:21 GMT 2006
On Fri, Nov 17, 2006 at 03:28:58PM +0000, Peter Hickman wrote:
> David Cantrell wrote:
> >On Fri, Nov 17, 2006 at 11:34:35AM +0000, Dave Hodgkinson wrote:
> >>You've blacklisted Korea then?
> >Yes, and China, and a shitload of other stuff too.
> Not quite OT but how many ip addresses are people firewalling on their
> home machines? I've just stepped over the 11k mark and an starting to
> wonder if my firewall will start to have problems with this ever
> increasing list. Am I normal or just paranoid?
If you blacklist 11,000 individual addresses, the machine will have to
search through the whole list for matches - on average for a hit it'll
have to do 5,500 comparisons, for a miss it'll do 11,000. So don't list
addresses, list networks. eg, one of the entries in my list is
22.214.171.124/10, which covers several million addresses.
That's a Chinese netblock, FWIW.
Of course, 11,000 ints in a list is a piddling little list and searching
it will take exactly no time at all. Even so, listing netblocks instead
of individual addresses lets you pre-emptively list the bad places and,
being a shorter list, it'll be easier to keep up-to-date.
David Cantrell | http://www.cantrell.org.uk/david
you have anecdotes; they have data; I have proof
More information about the london.pm