this post was submitted on 22 Jun 2026
49 points (93.0% liked)

Selfhosted

60074 readers
596 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
49
Are ISPs responsible for bots having residential IPs or is this a user problem? (lemmy.world)
submitted 1 day ago by Maroon@lemmy.world to c/selfhosted@lemmy.world
38 comments fedilink hide all child comments
 

I'm trying to understand the bot problem in the internet and finding more ways to defend myself. One thing that I can't seem to understand is why most bots, scrapers and crawlers seem to have residential IPs.

  • Is it that ISPs are being paid by tech-bros to assign them these IPs?
  • Is it that residential devices have been hacked /contain malware that does this?
  • Is it trivial for companies to assign themselves residential IPs?
  • Paid volunteers are doing this for AI companies?

Or is there is some other reason for this?

Obviously this is a problem because one can rotate / cycle through residential IPs and if I aggressively block each offender in my logs permanently, then the next person assigned this IP who may be a legitimate user will be unable to access my site.

you are viewing a single comment's thread
view the rest of the comments
[–] Korhaka@sopuli.xyz 0 points 1 day ago* (last edited 1 day ago) (4 children)

Wouldn't even mind the option to let someone else use my connection a bit for a free VPN tbh, that is no worse than running a TOR node. What I dislike is the dishonesty side of it. Be open and honest then it's all good.

[–] IphtashuFitz@lemmy.world 2 points 4 hours ago

I worked in IT at a university about 15 years ago. As part of a research project I helped set up a Tor exit node. Within a few hours of it taking on traffic I was contacted by the universities IT security team. They were seeing all sorts of malicious traffic originating from that system and wanted to know what was going on. They had the system shut down immediately.

[–] KairuByte@lemmy.dbzer0.com 10 points 1 day ago (1 children)

<.< Let me just throw two scenarios at you real quick to show you why that’s a problem:

That third party can easily just use your connection to view and download CSAM and all external monitoring would suggest that activity was coming from within your network. Because it is.

That third party has full network access to anything your PC does (or at least that nic) which includes anything in your local network. Insecure IoT, other PCs, etc.

[–] Korhaka@sopuli.xyz 1 points 23 hours ago

First scenario is no different to running a TOR exit node. The second is why it needs to be built securely, which can be done though probably isn't in these cases.

[–] waldfee@feddit.org 5 points 22 hours ago* (last edited 9 hours ago)

you should not run a Tor exit relay from your home^[1]^

[–] Mordikan@kbin.earth 6 points 1 day ago (1 children)

It would be like running TOR, but not a relay, it would be like an exit node.

That should be enough to warn anyone away from using them.

[–] Korhaka@sopuli.xyz 0 points 23 hours ago (1 children)

Running an exit node is perfectly legal though. There would be no evidence you have done anything wrong very quickly.

[–] Mordikan@kbin.earth 4 points 22 hours ago (1 children)

You can just look at the testimonies from others who have run exit nodes. The cost of your "free" VPN is that law enforcement will constantly be in contact and investigating you because your network/machine is being used to download CSAM.

There is no "oh don't worry, A.B.C.D is just a tor node, we can give it a pass". Every time that happens, it has to be treated with a full investigation.

[–] Korhaka@sopuli.xyz -1 points 22 hours ago (3 children)

Let them waste their time investigating, actually how do they even know your address?

[–] lucullus@discuss.tchncs.de 6 points 21 hours ago

Wdym wasting their time? They will search your home and confiscate all electronics, including the hardware running your TOR exit node and your phone, and your PC, and your notebook, and your gaming consoles, and of course any of such devices belonging to all other members of your household. And even if they cannot found anything that you have done wrong, you won't get your stuff back for a long time (think half a year to multiple years).

Seems more like they would be wasting your time. And your money.

[–] Mordikan@kbin.earth 6 points 22 hours ago (1 children)

Ok, this I can answer personally as we did multiple cases of this happening (CSAM, bomb threats, etc) at work.

So, anonymity on the Internet is not actually a thing. Whether its an IP address or telecom switch or whatever, there is a path back to you even if only for either billing or connectivity purposes. So, for IP, we would receive a subpoena signed by a judge to hand over any and all information regarding the identify of the a given IP address (they include a long list of things whether applicable or not in the order so every potential base is covered). Once legal was able to review and handed it off to us, we take that and look at the DHCP logs to see that on a given date at a given time that the IP address was assigned as part of shelf A / slot B / port C. That shelf/slot/port combination is tied physically to an address/account. We provide the relevant logs and personal information of that user to law enforcement.

For bomb threats over the phone, telecom switches love to tell every other telecom switch who they are (again, connectivity purposes). So, when you make a call to a business/school doing that, their PBX is going to log to the millisecond when that call occurred and who the switch was. Again, subpoena and we pull the SIP logs. We can even provide the RTP/RTCP packets and reconstruct the phone call audio if the subpoena asks for that.

[–] Korhaka@sopuli.xyz 1 points 21 hours ago* (last edited 21 hours ago) (1 children)

I can pay for internet in cash and the only details I gave them are fake and a random username. 4G internet isn't even tied to the same location as I can move freely.

As I'm not bothered about doing cybercrimes I don't bother doing that much about security though.

[–] Mordikan@kbin.earth 5 points 19 hours ago (1 children)

4G/5G cellular? So, in some ways you're actually easier to find. Your cell gateway is connecting to a tower which is logged and includes cell strength metrics. That gets compared to other towers and via trilateralization your location is determined.

Again, going back to what I previously said: there is a path back to you even if only for either billing or connectivity purposes.

[–] Korhaka@sopuli.xyz 0 points 13 hours ago

So it's easy to find me living at home doing nothing, and hard to track a determined criminal who would just move it when doing crimes?

[–] waldfee@feddit.org 1 points 22 hours ago

They'd not only waste their time though, they'd also confiscate all the electronics they can find at your place