This month we have a new list that should not be considered harmful, but can help cybersecurity analysts and SecOps to find out if an IP can be malicious. The IPCATV4-DC is a list of IPv4 address that corresponds to datacenters, co-location centers, shared and virtual web hosting providers. In other words, IP addresses that end web consumers should not be using.
This month we are back with IP addresses of forum, blogs and comment site spammers. The CLEANTALK-ORG compiles a database of spam IPs and Emails Database. It allows blocking spammers or other malicious activity. It offers spam protection for forums, boards, blogs and sites.
Several weeks ago we announced our new Python client library. We love to see how our users not only use our API for their internal products and services, but also for their commercial products. This month we introduce the first command line interface (CLI) tool to access our API services. Using the Python Library we currently use for our in-house developments (we are a Python house) we have developed and hosted the source code on Github.
We incorporate a new domain blacklist: AA419-ORG. They offer a complete database of fake bank entries and companies. Advance Fee Fraud has been around, in various forms, for centuries. The basic technique is to convince a victim that they are going to receive a large reward in return for little or no effort on their part. Once the victim is ‘hooked’, the fraudster(s) will gradually reveal various fees that must be paid before the victim can access the fortune that they believe is waiting for them.
We continue with more blacklists with IP addresses of anonymous proxies. The SPYS-ONE free open proxy IP lists is a well-known source of free open proxies in the world. It classifies the proxies by protocol, country, level of anonymity, speed and uptime.
Amazon Web Services (AWS) is without a doubt the most successful public cloud services platform in the world, and within its almost unlimited set of services, there are two that fit very well with the kind of integrations that can be done with Apility.io. I’m talking about the CDN Cloudfront and Lambda@Edge as a serverless computing technology that can run on the ‘edge’ nodes of Cloudfront.
One of the fundamental metrics of a SaaS business like Apility.io is how long a user will be our customer. Without going into many obscure details about marketing in a SaaS business, it is quite intuitive that the longer a customer is with us, the more profitable it will be for the company. A common way to’reward’ loyal customers is to offer annual subscription plans at a significant discount. In return for an upfront payment proportional to the 12-month subscription, the customer receives a substantial discount for his loyalty. For a company, annual subscriptions have the advantage of having’money in the bank’ that they can immediately use for investment. And the most popular investment is in customer acquisition.
Some of our users have already successfully integrated our REST API into their applications thanks to the simplicity of our design and their skills as developers. We love to see how our users not only use our API for their internal products and services, but also for their commercial products. That’s why we’re going to push more and more the development of API clients for different languages, with the idea that more users can start using it by integrating with their services in the most simple way. This month we introduce the first client of our API for the Python language. This is Python Library we currently use for our in-house developments, as we are a Python house.
When I created Apility.io I decided that I didn’t want to follow the traditional start-up growth process. There are several reasons: my personal experience in previous companies, the change in how to invest in the companies… But I think I am good at seeing the trends in the technology market but very bad at guessing the right timing. I believe that how services are going to be consumed will be increasing ‘as a Service’ but more and more abstracted from the peculiarities of the infrastructure and the underlying technological solution. In other words, the’serverless’ concept will gradually become the new norm and will become the norm in a few years’ time.
This month we have added a new blacklist with IP addresses of anonymous proxies. The IDCLOACK-COM free open proxy IP lists claim to be the largest database of free open proxies in the world. Each IP address and port number will route your internet connection to a proxy server in a remote location.
This month we add several blacklists to our repository of domains: The unified hosts’ files of Steven Black. Steven Black hosts files are known Host files you can use to overwrite your /etc/hosts file in your computer to avoid your naming services to resolve malware, adware, fake news, porn, gambling and social hostnames. It’s up to the user to decide what kind of blacklist want to use.
Our customer base grows on a daily basis. This means we have to deploy more service zones closer to the geographical regions where our customers are located. All this Service Zones or Satellites help us to deliver always the lowest latency possible to our users, no matter if they are in a Free or Paid plan, or if they are using the API anonymously. That’s why we have just launched a New service zone in Austalia for our users from Oceania.
This month we have two new IP blacklist slightly different from the lists we have published before: TOP100-LATEST-IP and TOP100-1D-IP. These new lists are the result of our BigData crunching processes over the hundreds thousands of IP addresses analyzed every day. You can visually see it on our IP addresses Blacklist Ranking page updated every hour.
Blocking 500 million users is a serious thing. Still, I have found sites that have decided to implement the most secure way to comply with the new GDPR: Block all EU users! Yes, it’s hard to believe that somebody takes such a drastic decision, but it’s happening. Trying to walk in the shoes of these GDPR Taliban, I realized that I wrote just a few days ago how to block all the traffic coming from one or more continents with Cloudflare Workers and Apility API! So, I realized that I have just created the most simple and powerful tool to be 100% GDPR compliant! No Europeans? No problem anymore!
In a previous article, we explained how to pass as a header attribute the blacklists to which an IP belongs thanks to the capabilities of the Cloudflare Workers. In this article, the traffic never was redirected in the event of a malicious IP address, delegating that responsibility to the developers checking the content of the HTTP header. This is valid for those who have full control over the server-side code, but for those who only use Wordpress or Drupal tools they could not use the script.
Here comes a good bunch of more malicious IP addresses lists into our databases. Here goes the details of the new IP Blacklist of April 2018: BOTSCOUT, TEAMCYRU-BOGONS, TOR-BLUTMAGIE, BLOCKLISTNET-UA, BITNODES-IO, BLOCKCHAIN-INFO, BBCAN117, IANA-BOGONS, ALIENTVAULT.
If you have a SaaS service or you manage the registration system in a forum I am sure you are familiar with this problem: A user registers for the first time in your service, and for some reason decides to create not one, but multiple accounts. When he has consumed the trial period of one account, then he consumes the credit of the other accounts he created. This is the case for Automatic IP address quarantine.
When a cybersecurity expert performs threat intel work, he or she needs to contrast information from different sources to obtain the most detailed picture possible of the scenario he or she is investigating. One of these fundamental tools is the WHOIS service offered by the Regional Internet Registries (RIRs)…
We incorporate a new domain blacklist: SQUIDBLACKLIST. Squidblacklist.org is a service for network administrators the highest quality domain blacklists available for effective, targeted inline filtering leveraging various content control applications and platforms, including Squid Proxy.