Community discussions

 
eldoncito2019
newbie
Topic Author
Posts: 35
Joined: Fri Jun 14, 2019 1:07 pm

RULE for BANKS

Sun Jul 07, 2019 9:59 pm

Gentlemen,
I want to create a rule to grant me the IP of the banks when I write the name of any bank, if anyone knows how to do it, I thank you.
 
anav
Forum Guru
Forum Guru
Posts: 3114
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: RULE for BANKS

Sun Jul 07, 2019 11:04 pm

Your requirement is lacking too many details to sufficiently address...........
For example. Do you mean writing the banks name on toilet paper in a bar??
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
eldoncito2019
newbie
Topic Author
Posts: 35
Joined: Fri Jun 14, 2019 1:07 pm

Re: RULE for BANKS

Sun Jul 07, 2019 11:05 pm

Can anyone guide me?
 
anav
Forum Guru
Forum Guru
Posts: 3114
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: RULE for BANKS

Sun Jul 07, 2019 11:08 pm

I just did. Provide much more detail on your requirements.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
eldoncito2019
newbie
Topic Author
Posts: 35
Joined: Fri Jun 14, 2019 1:07 pm

Re: RULE for BANKS

Sun Jul 07, 2019 11:10 pm

ok, I want to make a rule in my RB to create a list of addresses, in order to obtain the IPs of the main banks in my country, understand me?
 
eldoncito2019
newbie
Topic Author
Posts: 35
Joined: Fri Jun 14, 2019 1:07 pm

Re: RULE for BANKS

Sun Jul 07, 2019 11:17 pm

I have this rule

/ip firewall filter
add action=add-dst-to-address-list address-list="BANCOS LIST" address-list-timeout=10m \
chain=forward comment="BANCOS LIST" content=banco in-interface="PUENTE 1" port=443 \
protocol=tcp
 
anav
Forum Guru
Forum Guru
Posts: 3114
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: RULE for BANKS

Sun Jul 07, 2019 11:21 pm

That is a great improvement!! Thanks.

Let me see if I understand......
You want the router to be given a script (set of commands) that say
Scan all the IPs in the world (ipv4 and ipv6?)
Figure out which of those IPs belong to banks.
Figure out which of the bank IPs belong to a specific country
Write those IPs to an address list on my router.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
eldoncito2019
newbie
Topic Author
Posts: 35
Joined: Fri Jun 14, 2019 1:07 pm

Re: RULE for BANKS

Sun Jul 07, 2019 11:29 pm

all the IP of the world's banks, not only the banks of my country, can it be done?
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1310
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: RULE for BANKS

Sun Jul 07, 2019 11:38 pm

How do you know that an IP belongs to a bank?
And what will you do with this information? Why do you need it?
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
eldoncito2019
newbie
Topic Author
Posts: 35
Joined: Fri Jun 14, 2019 1:07 pm

Re: RULE for BANKS

Sun Jul 07, 2019 11:42 pm

is to make it happen in fasstrack for the RB
 
joegoldman
Member
Member
Posts: 498
Joined: Mon May 27, 2013 2:05 am

Re: RULE for BANKS

Mon Jul 08, 2019 12:56 am

Your request is way too ambitious and unlikely.

The easiest way is to look at the different RIR's, and find banking organisations, then you will have their IP blocks. Not all banks are likely to have their own allocation though.

Then you get those who host their user services front-end in a cloud like AWS or cloudflare.

Then you get those who use multiple providers and different IP's for redundancy etc.

Its just unfeasible to build such a list worldwide, especially not automagically. At best you could target a few banks and do your research and build a fairly comprehensive list just doing DNS and WHOIS lookups, but this would take forever to go worldwide.
 
nescafe2002
Long time Member
Long time Member
Posts: 624
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: RULE for BANKS

Mon Jul 08, 2019 1:05 am

is to make it happen in fasstrack for the RB

Example of a https://en.wikipedia.org/wiki/XY_problem

Describe what you are trying to achieve, perhaps it can be done without creating address lists.
 
anav
Forum Guru
Forum Guru
Posts: 3114
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: RULE for BANKS

Mon Jul 08, 2019 3:19 am

You guys are spoiling all the fun. I was going to suggest wrapping the router in tin foil next!! ;-)
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
luma
just joined
Posts: 3
Joined: Sun Jul 07, 2019 4:00 pm

Re: RULE for BANKS

Mon Jul 08, 2019 3:11 pm

Consider a bank. They may have several branches, each with it's own backhaul to corporate and probably a local internet connection for employee traffic (to keep it off the MPLS or whatever). Then corporate likely has several address ranges of their own for self-hosted services, then they likely have a footprint in one or more cloud vendors, each with their own address space, and if they're doing it right, that address space can change dynamically as server load changes and new instances of microservices are brought online and then destroyed. Finally, they likely engage with SaaS providers for certain applications, and those have their own cloud address spaces.

That's just one bank.

How do you propose you'd collect all that? I have done network assessments for organizations that take days to map this stuff out for one small-to-medium sized bank. How do you expect to do this on a global scale?

Finally, the important question seems to be this - why? What purpose do you have for knowing all the IPs associated with every bank employee in the world?
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24268
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: RULE for BANKS

Mon Jul 08, 2019 4:31 pm

I guess the OP just wants a simple thing - when his customer goes to his internet banking webpage, it needs to work faster than his otherwise limited stuff. No matter which bank that may be.

Simple answer - not possible.
No answer to your question? How to write posts
 
User avatar
sebastia
Forum Guru
Forum Guru
Posts: 1790
Joined: Tue Oct 12, 2010 3:23 am
Location: Antwerp, BE

Re: RULE for BANKS

Mon Jul 08, 2019 7:46 pm

most banks use https right. why not prioritise https traffic up to a certain volume?

might give some improvement...

Who is online

Users browsing this forum: Google [Bot], MSN [Bot] and 144 guests