Re: Sudden surge in CGNAT blacklisting

[Scott Fisher via NANOG <nanog () lists nanog org>]

Eric, 

This is a total guess:

There has been several takedowns of large residential proxy networks recently which may motivated security vendors to 
be more aggressive in their identification of known proxy hosts. Some of these proxy networks are more malicious than 
others that will force websites/shops/banks to deny access to IPs idenitfied to be part of these proxies as well. 

Thanks,
Scott 

> On May 15, 2025, at 6:45 PM, Dobbins, Roland via NANOG <nanog () lists nanog org> wrote:
>
>
> On May 16, 2025, at 02:34, Eric C. Miller via NANOG <nanog () lists nanog org> wrote:
>
> We've started accelerating our migration to our ARIN space, but it's still odd why it's all of a sudden.
>
> Have some of the folks sitting behind it I’ll-advisedly signed up, or been involuntarily subsumed into, some of the 
> burgeoning residential proxy services which are being leveraged by spammers, phishers, credential stuffers, DDoSers, 
> et. al.?
>
> There’s a growth in awareness of the threats they represent; & there are several sessions on this topic at the 
> upcoming NANOG conference.
>
> --------------------------------------------
>
> Roland Dobbins <roland.dobbins () netscout com>
> _______________________________________________
> NANOG mailing list 
> https://lists.nanog.org/archives/list/nanog () lists nanog org/message/MHUIGOC4CXM3IXJ64RE7EYLTSUJUPOXC/

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/H2AVDJWRQA77YWTSWFLDSLIUBLUPB5DC/