[AusNOG] Viewing RBL's on entire /24

Nathan Phelan nathan at interconnekt.com.au
Wed Oct 16 10:22:39 EST 2013


Hi Daniel,
If you happen to have nagios (or a nagios compatible system) you could use check_rbl to monitor the range on an ongoing basis.
https://trac.id.ethz.ch/projects/nagios_plugins/wiki/check_rbl

If you happen to be writing your own script check_rbl could also be a good starting point for you.
Cheers,
Natha

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Anthony Spruce
Sent: Wednesday, 16 October 2013 10:05 AM
To: Tim G; Daniel Watson; ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Viewing RBL's on entire /24

Daniel,

To expand on Tim's Reply.

Have a look at http://www.barracudacentral.org/rbl/how-to-use for an example of how DNSBL's work.

There's a list of around 80 or so I've found in random locations, and you can do simple DNS lookups based on the above URL's methods to get the information. Otherwise, I would recommend looking at MXToolbox as an alternative which is already configured :)

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net>] On Behalf Of Tim G
Sent: Wednesday, October 16, 2013 9:58 AM
To: Daniel Watson; ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Viewing RBL's on entire /24

The quickest way would be just to write a quick script that loops through the dns servers for the RBL's that you want to check against for each IP address and marks the IP with wether or not the IP was found in a block list :)

If you want to pay some money, contact MxToolBox. They have a fantastic API if you own a /24 that allows you to query each IP address, and they do all the DNS work for you. They also send you email reports daily showing what IPs are blocked etc.

Regards,
Tim


On 16 October 2013 at 9:48:29 AM, Daniel Watson (daniel at glovine.com.au<mailto://daniel@glovine.com.au>) wrote:
I was wondering if anybody might be able to recommend a way for me to do a RBL lookup on an entire /24 rather then looking up each IP separately

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20131015/d9f00eb1/attachment.html>


More information about the AusNOG mailing list