Possible causes of IP blacklisting?

1

Are there any legitimate reasons why a home router's static public IP may be blacklisted when the activity on the network is just general everyday use? No mail server/torrenting or anything as complicated as that.

Doob

Posted 2019-10-21T18:33:28.367

Reputation: 23

There can be many reasons why you are blacklisted. It also helps to add where the blacklist occurs. Is it a specific website, the internet, a ban on your router, etc? But in your case, the most common reason for a blacklist (or ban) is because multiple spammers were active in your IP address segment, and the entire segment got banned. Another one is spyware/malware on your PC. – LPChip – 2019-10-21T19:13:06.423

Where exactly is it listed? How do you know it got listed? We need more info here. – Albin – 2019-10-21T19:33:19.297

I found it listed here https://www.abuseat.org/. – Doob – 2019-10-21T20:01:38.957

@Doob When did you receive it? Was it blacklisted from the beginning? – Albin – 2019-10-21T20:18:57.133

Aren't you the one with a compromised MikroTik router? – None – 2019-10-21T20:35:48.327

@GabrielaGarcia Possibly. Trying to find out though if it has been compromised or if it was blacklisted by other means whereby it wasn't compromised. – Doob – 2019-10-21T21:06:09.433

Answers

1

YES!

The main one is that (even static) IP blocks are often assigned out of "end user/dsl" blocks. Surprisingly often, systems behind these blocks are compromised and start sending spam or become part of a botnet. (A static IP means very little on a home user connection - indeed in the age of always-on connections, allocating a static IP to all customers often makes sense.) There are blacklists which identify most of these customer blocks, and often the whole block is banned. Static IP addresses are often allocated from a so-called dynamic IP block.

Another possibility is a previous owner may have gotten onto a blacklist, and no one has bothered to clean up the address. There is no global mechanism for knowing when IP addresses are assigned to new users. (In your case, as you mention abuseat.org, this is unlikely the case.)

davidgo

Posted 2019-10-21T18:33:28.367

Reputation: 49 152

Interesting, the system behind the block would be the provider then? In this case does the whole block get blacklisted or just the individual IPs? – Albin – 2019-10-21T20:25:13.140

Not normally the ISP. Normally third parties explore / discover the block (often using reverse DNS hints and routing table information like BGP number) and add it to the list. It's usually whole blocks. Look at https://www.rbl-dns.com/dul.shtml for some background. – davidgo – 2019-10-21T20:35:44.570

0

Assuming it was not blacklisted when you were assigned to it:

IPs usually get blacklisted if providers/servers notice "shady" things coming from that IP. One possibility would be that one of your devices is part of a botnet without your knowledge. Another possibility is that vulnerabilities are detected in your hardware. Davidgo also showed an interesting scenario I wasn't aware of.

You can do an analysis yourself, but it's most likely easier to go through the places that blacklisted your IP. Find out where your IP is blacklisted (e.g. certain providers); they usually have some kind of contact or information either to unlist your IP or to find the reason why it has been listed (in your case you can acquire the reason here).

Make sure you resolve the problem before you "apply" to get unlisted again.

Albin

Posted 2019-10-21T18:33:28.367

Reputation: 3 983

How exactly are vulnerabilities in hardware detected? Particularly in the case of router firmware? – Doob – 2019-10-22T18:04:39.887

@Doob That would create a second question for that specific problem. In general, you basically follow the steps you would if you actually exploited the vulnerability, without doing the actual damage. E.g. if the exploit can be achieved through an open port, you check on all incoming devices if the port is open. If it is, the exploit would be possible and you would block this device. – Albin – 2019-10-23T10:24:54.173

Thanks, interesting stuff. – Doob – 2019-10-23T15:12:55.117
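One way to carry out the "find out where your IP is blacklisted" step against DNS-based blocklists, as an added example that is not part of any answer on this page. It follows the RFC 5782 query convention; the zone names are placeholders to be replaced with the zone each list operator documents, and `resolve` is injectable so the logic can be exercised without network access.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Build the RFC 5782 query name: reversed address labels + list zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]          # octets, reversed
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]  # 32 nibbles, reversed
    return ".".join(labels) + "." + zone.strip(".")

def system_resolver(name):
    """Return the A records for name, or [] when there is no answer."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        # NXDOMAIN (not listed) or a resolver failure; not told apart here.
        return []

def check_listing(ip, zones, resolve=system_resolver):
    """Map each zone to (status, answers) for the given public IP."""
    addr = ipaddress.ip_address(ip)
    # Loopback is allowed so the RFC 5782 test entry 127.0.0.2 can be queried.
    if addr.is_private and not addr.is_loopback:
        raise ValueError(f"{ip} is a LAN address; query the router's public WAN IP")
    results = {}
    for zone in zones:
        answers = resolve(dnsbl_query_name(ip, zone))
        # A listing is signalled by an answer inside 127.0.0.0/8; the meaning
        # of the last octet is defined by each list operator.
        codes = [a for a in answers if a.startswith("127.")]
        if codes:
            results[zone] = ("listed", codes)
        elif answers:
            # Any other answer (e.g. an ISP rewriting NXDOMAIN) proves nothing.
            results[zone] = ("invalid-answer", answers)
        else:
            results[zone] = ("no-record", [])
    return results

if __name__ == "__main__":
    # Constructed resolver data; "dnsbl.example" is a placeholder zone.
    fake = {"2.0.0.127.dnsbl.example": ["127.0.0.2"]}
    print(check_listing("127.0.0.2", ["dnsbl.example"], lambda n: fake.get(n, [])))
```

Querying the test entry 127.0.0.2 first confirms that the zone and your resolver work before you trust a "no-record" result for your own address.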

-2

I would assume that you were just unlucky and this is simply a coincidence. When an IP is blacklisted, it normally doesn't affect anyone but that user. However, when someone else moves to a nearby location and gets designated that IP, you are just screwed.

Depending on what you are trying to access that is blacklisted, I would say your best bet is to contact your ISP (internet service provider), or call tech support of the site. However, if it is someone like Google or Amazon that likely feel you just aren't worth their time, you may not have an easy solution.

A temporary solution though could be that you log in and change the IP of your modem until you can get things worked out. Not sure if it actually would, but I would say it is worth a shot. I haven't, luckily, run into this issue yet. I know a lot about computers and networking, I just haven't needed to research this for myself.

Good luck, and please do actually let me know what, if any, of this is helpful so I don't check back and have to tell other people to try the same things.

Carter Curry

Posted 2019-10-21T18:33:28.367

Reputation: 1

-1 from me because this is not true in most cases. This answer would do more harm than good if it's considered to be the truth. – LPChip – 2019-10-21T19:14:00.173

-1: this is a static IP, not a dynamic IP! You can't just relog and change your IP! – Albin – 2019-10-21T19:35:01.677