# Product Security Hardening ## Unrelated Networks to block These networks scan the internet and are not exactly a threat but due to the scanning, it reveals vulnerability information within the infrastructure. ### Blocking Internet Measurement (DriftNet) ASN211298 **IPv4 Scanning IPs** ``` 87.236.176.0/24 193.163.125.0/24 68.183.53.77/32 104.248.203.191/32 104.248.204.195/32 142.93.191.98/32 157.245.216.203/32 165.22.39.64/32 167.99.209.184/32 188.166.26.88/32 206.189.7.178/32 209.97.152.248/32 ``` **IPv6 IPs** ``` 2a06:4880::/32 2604:a880:800:10::c4b:f000/124 2604:a880:800:10::c51:a000/124 2604:a880:800:10::c52:d000/124 2604:a880:800:10::c55:5000/124 2604:a880:800:10::c56:b000/124 2a03:b0c0:2:d0::153e:a000/124 2a03:b0c0:2:d0::1576:8000/124 2a03:b0c0:2:d0::1577:7000/124 2a03:b0c0:2:d0::1579:e000/124 2a03:b0c0:2:d0::157c:a000/124 ``` You may also opt out by sending your IP ranges and/or domain names to . This process will be validated for confirmation by the Driftnet team. ### Block Censys AS398705 AS398324 AS398722 ### Block IONOS AS8560 ### Block Internet Archive (Wayback Machine) AS7941 ### Block North Korea AS13127 ### Block Yandex (Russian Search Engine) AS13238 ### Block M247 Europe AS9009 ### Block ProtonVPN AS209103 Block Cortex Xpanse {% embed url="" %} ``` 35.203.210.0/23 147.185.132.0/23 162.216.149.0/24 162.216.150.0/24 198.235.24.0/24 205.210.31.0/24 216.25.88.0/21 ``` ## Cloudflare **GeoBlocking with Whitelist expression** - This rule blocks incoming traffic from a specified list of countries and the Tor network while allowing traffic from any IP addresses included in a predefined whitelist (e.g., trusted clients or partners). {% code overflow="wrap" %} ``` (ip.src.country in {"CN" "KP" "IR" "SO" "IQ" "CU" "SY" "LY" "VE" "SC" "DE" "NL" "LT" "BG" "ID" "KZ" "BD" "RO" "CL" "PE" "LV" "GI" "TR" "MD" "EE" "UZ" "KG" "MN" "BO" "EG" "ZA" "XX"} or ip.src.continent eq "T1") and not (ip.src in $geo_whitelist) ``` {% endcode %} Bulk IP CSV uploads require a CSV in `IP, Description`Format. Here is a python script to use for creating the bulk upload csv: **cfbulkip.py** ```python import csv # Replace the below IPs with your multiline IP list raw_ips = """ 8.8.8.8 9.9.9.9 """ # Clean up list ip_list = raw_ips.strip().splitlines() ip_list = [ip.strip() for ip in ip_list if ip.strip() and not ip.startswith("#")] # Remove duplicates and sort unique_ips = sorted(set(ip_list)) # Description default_description = "Uploaded via bulk upload script" # Write to CSV with open('cloudflare_ips.csv', mode='w', newline='') as csvfile: writer = csv.writer(csvfile) writer.writerow(['ip', 'description']) # Cloudflare format for ip in unique_ips: writer.writerow([ip, default_description]) print("Saved to cloudflare_ips.csv") ```