# Product Security Hardening ## Unrelated Networks to block These networks scan the internet and are not exactly a threat but due to the scanning, it reveals vulnerability information within the infrastructure. ### Blocking Internet Measurement (DriftNet) ASN211298 **IPv4 Scanning IPs** ``` 87.236.176.0/24 193.163.125.0/24 68.183.53.77/32 104.248.203.191/32 104.248.204.195/32 142.93.191.98/32 157.245.216.203/32 165.22.39.64/32 167.99.209.184/32 188.166.26.88/32 206.189.7.178/32 209.97.152.248/32 ``` **IPv6 IPs** ``` 2a06:4880::/32 2604:a880:800:10::c4b:f000/124 2604:a880:800:10::c51:a000/124 2604:a880:800:10::c52:d000/124 2604:a880:800:10::c55:5000/124 2604:a880:800:10::c56:b000/124 2a03:b0c0:2:d0::153e:a000/124 2a03:b0c0:2:d0::1576:8000/124 2a03:b0c0:2:d0::1577:7000/124 2a03:b0c0:2:d0::1579:e000/124 2a03:b0c0:2:d0::157c:a000/124 ``` You may also opt out by sending your IP ranges and/or domain names to . This process will be validated for confirmation by the Driftnet team. ### Block Censys AS398705 AS398324 AS398722 ### Block IONOS AS8560 ### Block Internet Archive (Wayback Machine) AS7941 ### Block North Korea AS13127 ### Block Yandex (Russian Search Engine) AS13238 ### Block M247 Europe AS9009 ### Block ProtonVPN AS209103 Block Cortex Xpanse {% embed url="" %} ``` 35.203.210.0/23 147.185.132.0/23 162.216.149.0/24 162.216.150.0/24 198.235.24.0/24 205.210.31.0/24 216.25.88.0/21 ``` ## Cloudflare **GeoBlocking with Whitelist expression** - This rule blocks incoming traffic from a specified list of countries and the Tor network while allowing traffic from any IP addresses included in a predefined whitelist (e.g., trusted clients or partners). {% code overflow="wrap" %} ``` (ip.src.country in {"CN" "KP" "IR" "SO" "IQ" "CU" "SY" "LY" "VE" "SC" "DE" "NL" "LT" "BG" "ID" "KZ" "BD" "RO" "CL" "PE" "LV" "GI" "TR" "MD" "EE" "UZ" "KG" "MN" "BO" "EG" "ZA" "XX"} or ip.src.continent eq "T1") and not (ip.src in $geo_whitelist) ``` {% endcode %} Bulk IP CSV uploads require a CSV in `IP, Description`Format. Here is a python script to use for creating the bulk upload csv: **cfbulkip.py** ```python import csv # Replace the below IPs with your multiline IP list raw_ips = """ 8.8.8.8 9.9.9.9 """ # Clean up list ip_list = raw_ips.strip().splitlines() ip_list = [ip.strip() for ip in ip_list if ip.strip() and not ip.startswith("#")] # Remove duplicates and sort unique_ips = sorted(set(ip_list)) # Description default_description = "Uploaded via bulk upload script" # Write to CSV with open('cloudflare_ips.csv', mode='w', newline='') as csvfile: writer = csv.writer(csvfile) writer.writerow(['ip', 'description']) # Cloudflare format for ip in unique_ips: writer.writerow([ip, default_description]) print("Saved to cloudflare_ips.csv") ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://martian1337.gitbook.io/notes/notes/product-security-engineering/product-security-hardening.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.