Anyone out ther have experience with this? Or blocking trouble makers from Countires unrelated to your services if connected through AOL?

Your troublemakers may be my customers. Really, you'll have to identify the problem ranges by examining your log files or stats. IP ranges are not assigned by country, but rather loosely by region. So, if you try to ban China, you'll also ban Australia. Try to ban India, and you'll ban New Zealand.

I'd recommend you look into automated access control, rather than trying to get a list of IP addresses. See message #16 of this recent thread [webmasterworld.com].

Jim

Thanks jdMorgan, I highly doubt our troublemakers are your customers :-) and I’m fully aware of the debt over blocking all users from a specific Country, which is very hard to do by IP anyway and is not the goal. In our case it’s not really a political issue but it’s specific to fraud and protecting our local site’s customer base or go out of biz.

We have identified from our logs many troublemakers on small country specific ISP’s, some on satellite ISP’s and we’ve tried to used the CIDR ranges to subsequently block them. It’s always reactive and recently we’ve seen AOL connections that always resolve to Dulles so I was wondering if we could better understood that network well enough to isolate blocks or find out where the real connections are coming from with out blocking all AOL users?

No, AOL is problematic because all of their US traffic uses the NOC at Dulles/Reston Virginia. For a long time, various media were reporting that Virginia had the highest rate of U.S. internet usage, til some smart reporter figured out that it was AOL's network skewing the results.

The scripts in the thread I cited may help a great deal to get you out of your 'reactive' mode. They trap bad user-agents by robots.txt violation and by excessive access rate, and automatically add entries to your .htaccesss file. You can then come along *at your leisure* and inspect the latest intrusion attempts, consolidating idividual IPs into ranges or CIDRs after looking them up in ARIN, APNIC, RIPE, etc. But the blocking action is almost instantaneous, so you can leave your site and take a few days off without worrying about it.

Up until last month, I used one of the satellite ISPs, and my requests would have been mixed in with those of many other countries. Thankfully, I now have point-to-point microwave service, which avoids the 480 millisecond air-time latency and congestion of satellite ISP service. But be careful and don't block my neighbors, OK? :)

Anyway, I gave up trying to unravel AOL's caching proxy system, so I can't help with that. Maybe someone else has more info that would be useful to you. You could also search for GeoIP and discussions about GeoIP and see if they have any suggestions for AOL.

Jim