IP blocking
Encyclopedia
IP blocking prevents the connection between a server/website and certain IP address
es or ranges of addresses. IP blocking effectively bans undesired connections from those computers to a website
, mail server, or other Internet server.
Unix-like
operating systems commonly implement IP blocking using tcp wrappers, configured by host access control files /etc/hosts.deny and /etc/hosts.allow.
IP banning is commonly used to protect against brute force attack
s. Both companies and schools offering remote user access use Linux
programs such as DenyHosts
or Fail2ban
for protection from unauthorized access while allowing permitted remote access. This is also useful for people who want to remotely access their computers. It is also used for censorship
.
On an Internet forum
or Web site an IP ban is often used to prevent a disruptive member from access, though a warning and/or account ban may be used first. Dynamic allocation of IP addresses can complicate incoming IP blocking, rendering it difficult to block a specific user without blocking a larger number of IP addresses, thereby risking collateral damage caused by ISPs sharing IP address
es of multiple internet
users.
Cyber bullies have developed a novel use for IP blocking that works to their advantage. They send an unthreatening email to an unsuspecting recipient. When the recipient responds, the cyber bully obtains and can then forge their IP address to send out emails, with the intent of getting the IP address banned and blocked. The recipient's subsequent emails are 'blocked' and returned 'undelivered'.
IP banning is also used to limit the syndication of content to a specific region. To achieve this IP-addresses are mapped to the countries they have been assigned to. This has been used to devastating effect most recently to target Nigerian IPs due to the perception that all business emanating from the country is fraudulent. Thus making it extremely difficult for legitimate businesses based in the country to interact with their counterparts in the rest of the world. To make purchases abroad, Nigerians rely on proxy companies to mediate transactions.
Proxy servers can be used to bypass an IP ban unless the site being accessed has an effective anti-proxy script.
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
es or ranges of addresses. IP blocking effectively bans undesired connections from those computers to a website
Website
A website, also written as Web site, web site, or simply site, is a collection of related web pages containing images, videos or other digital assets. A website is hosted on at least one web server, accessible via a network such as the Internet or a private local area network through an Internet...
, mail server, or other Internet server.
Unix-like
Unix-like
A Unix-like operating system is one that behaves in a manner similar to a Unix system, while not necessarily conforming to or being certified to any version of the Single UNIX Specification....
operating systems commonly implement IP blocking using tcp wrappers, configured by host access control files /etc/hosts.deny and /etc/hosts.allow.
IP banning is commonly used to protect against brute force attack
Brute force attack
In cryptography, a brute-force attack, or exhaustive key search, is a strategy that can, in theory, be used against any encrypted data. Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system that would make the task easier...
s. Both companies and schools offering remote user access use Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
programs such as DenyHosts
DenyHosts
DenyHosts is a log-based intrusion prevention security tool for SSH servers written in Python. It is intended to prevent brute force attacks on SSH servers by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses...
or Fail2ban
Fail2ban
Fail2ban is an intrusion prevention framework written in the Python programming language. It is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally .-Functionality:...
for protection from unauthorized access while allowing permitted remote access. This is also useful for people who want to remotely access their computers. It is also used for censorship
Censorship
thumb|[[Book burning]] following the [[1973 Chilean coup d'état|1973 coup]] that installed the [[Military government of Chile |Pinochet regime]] in Chile...
.
On an Internet forum
Internet forum
An Internet forum, or message board, is an online discussion site where people can hold conversations in the form of posted messages. They differ from chat rooms in that messages are at least temporarily archived...
or Web site an IP ban is often used to prevent a disruptive member from access, though a warning and/or account ban may be used first. Dynamic allocation of IP addresses can complicate incoming IP blocking, rendering it difficult to block a specific user without blocking a larger number of IP addresses, thereby risking collateral damage caused by ISPs sharing IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
es of multiple internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
users.
Cyber bullies have developed a novel use for IP blocking that works to their advantage. They send an unthreatening email to an unsuspecting recipient. When the recipient responds, the cyber bully obtains and can then forge their IP address to send out emails, with the intent of getting the IP address banned and blocked. The recipient's subsequent emails are 'blocked' and returned 'undelivered'.
IP banning is also used to limit the syndication of content to a specific region. To achieve this IP-addresses are mapped to the countries they have been assigned to. This has been used to devastating effect most recently to target Nigerian IPs due to the perception that all business emanating from the country is fraudulent. Thus making it extremely difficult for legitimate businesses based in the country to interact with their counterparts in the rest of the world. To make purchases abroad, Nigerians rely on proxy companies to mediate transactions.
Proxy servers can be used to bypass an IP ban unless the site being accessed has an effective anti-proxy script.
See also
- Denial-of-service attackDenial-of-service attackA denial-of-service attack or distributed denial-of-service attack is an attempt to make a computer resource unavailable to its intended users...
- FirewallFirewall (computing)A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
- Internet censorshipInternet censorshipInternet censorship is the control or suppression of the publishing of, or access to information on the Internet. It may be carried out by governments or by private organizations either at the behest of government or on their own initiative...
- PeerBlockPeerBlockPeerBlock is a free software firewall application. PeerBlock is the successor to PeerGuardian . It blocks incoming and outgoing connections to Internet IP addresses that are included on blocklists accessible over the Internet which may be selected by the user, but also any addresses manually...
- PeerGuardianPeerGuardianPeerGuardian is a free and open source program developed by Phoenix Labs. It is capable of blocking incoming and outgoing connections based on IP blacklists...
- ProtoWallProtoWallProtoWall is a closed-source freeware program for IP blocking that is similar to PeerBlock. It is designed to block connections from organizations such as MediaSentry, BayTSP and MediaDefender while using peer-to-peer file sharing networks....
- Proxy serverProxy serverIn computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server...