Network Blocking Policy

Karen IT operates a large-scale network and implements strict policies regarding the blocking of IP addresses, CIDR ranges, and Autonomous Systems (AS) to maintain the integrity and security of our infrastructure. This document outlines our approach to network blocking and provides guidelines for users who may be affected by these policies.

Scanning Activities

• We do not tolerate any form of network scanning within our infrastructure.
• Any detected scanning activities will result in immediate blocking of the associated IP addresses or ranges.

Criminal Activities

• Networks identified as sources of criminal activities will be blocked without exception.
• We reserve the right to block entire network ranges if persistent criminal activities are detected from multiple IP addresses within the same range.

Use of Blocklists

• We utilize data from reputable blocklists, including but not limited to URLAbuse.
• IP addresses listed on these blocklists will remain blocked in our network for as long as they appear on the respective lists.

Spam Email Policy

• We maintain a zero-tolerance policy towards spam emails.
• In addition to blocking the sender's IP address, we reserve the right to block the entire email domain associated with spam activities.

AS Responsibility

• AS are held responsible for the activities within their networks.
• If we determine that an AS is malicious or hosts a significant number of malicious activities, we may block the entire AS range.

Legal Action

• In cases where we detect criminal activities targeting our network, we reserve the right to pursue legal action against the offending parties.

Unblocking Procedure

If your IP address or network has been blocked:

• First, review the relevant report at https://ksrc.karenit.net/Asn-Filtering-Checker to understand the reason for the block.
• To request removal from our blocklist, submit the appropriate form exclusively through https://ksrc.karenit.net/delist.

Additional Policies

• We continuously monitor for Distributed Denial of Service (DDoS) attacks and may implement temporary or permanent blocks on traffic sources involved in such activities.
• We cooperate with law enforcement agencies and may share information about blocked IP addresses or networks involved in criminal activities when legally required to do so.
• We implement rate limiting and other traffic management techniques to prevent abuse of our network resources.
• Regular security audits are conducted to ensure the effectiveness of our blocking policies and to identify any necessary updates or improvements.
• We maintain a list of commonly abused ports and services, and may block traffic on these ports from certain IP ranges known for abuse.

This policy is subject to change without notice as we continuously adapt to emerging threats and security challenges. We encourage all users and network operators to implement best practices for network security to maintain a safe and reliable internet ecosystem.