given abuse coming from a given IPv6 address: which subnet do I need to block to stop the user behind that address
(for fraud detection it switches from block to identify)
for IPv4 this is generally the /32 (the single IPv4 address)
for IPv6 it's probably a /64, but may be a /56 or even a /48, and on some crappy providers even a /128
if the subnet is smaller than you think it is you risk banning an entire ISP (or country), whereas if if it's too large the abuse continues
it's quite a complicated problem as by design you can have subletting (subnetting!) within a block, e.g. a VPS provider gets a /48 from its ISP, and then they sublets out /64s to their customers (while not necessarily giving them all their own RIPE/ARIN records)
can i ask a question? is it possible for people to "own" ipv4 addresses? like we can own domain names? something like /29 Subnet or /28?
if i spent like a hundred bucks or something, i dont know... just asking. how would that work, does that "bring your own ip" that vps providers talk about mean this?
would be very useful
(business opportunity here guys!)