IP address blocking

From Simple English Wikipedia, the free encyclopedia
Jump to navigation Jump to search

IP address blocking is a arrangement of a network service that blocks requests from hosts with certain IP addresses. IP address blocking is commonly used to protect against brute force attacks and to prevent access by a disruptive address. The blocking can be used to block access nor a particular geographic area, for example, the syndication of content to a specific region, otherwise known as geo-location and geo-blocking.[1]

Procedures[change | change source]

Every device connected to the Internet is assigned a unique IP address, which is needed to enable devices to communicate with each other. With proper software on the host website, the IP address of visitors to the site can be logged and can also be used to define the visitor's geographical location.[2][3]

Logging the IP address which describes, monitor if a person has visited the site before, for example, to vote more than once, as well as to monitor their viewing pattern, how long since they performed any activity on the site (and set a time out limit), etc.

Knowing the visitor's geo-location indicates, besides other things, the visitor's country.

Internet users may avoid geo-blocking and censorship and protect personal identity and location to stay unknown on the internet using a VPN connection.

Implementations[change | change source]

Unix-like operating systems commonly apply in IP address blocking using the TCP wrapper, configured by host access control files /etc/hosts.deny and /etc/hosts.allow.

Both companies and schools offering remote user access use Linux programs such as DenyHosts or Fail2ban for protection from unauthorized access while allowing permitted remote access. This is also useful for allowing remote access to computers. It is also used for Internet censorship.

Avoiding address blocking[change | change source]

Proxy servers and other methods can be used to bypass the blocking of traffic from IP addresses.[4] However, anti-proxy strategies are available. Consumer-ranked internet routers can sometimes obtain a new public IP address on-demand from the internet service provider using DHCP lease renewal to eluding individual IP address blocks, but this can be countered by blocking the range of IP addresses from which the internet service provider is assigning new IP addresses, which is usually a shared IP address prefix. However, this may impact valid users from the same internet service provider who have IP addresses in the same range, which unknowingly creates a denial-of-service attack.

In 2013, the United States court ruling in the case Craigslist v. 3Taps, US federal judge Charles R. Breyer held that bypassed an address block to access a website is a violation of the Computer Fraud and Abuse Act (CFAA) for "unauthorized access", punishable by civil damages.

References[change | change source]

  1. The John Marshall Journal of Computer & Information Law, Center for Computer/Law, 2003
  2. "What is an IP address?". HowStuffWorks. 2001-01-12. Retrieved 2019-12-13.
  3. "How cookies track you around the web & how to stop them". Privacy.net. 2018-02-24. Retrieved 2019-12-13.
  4. "How to Circumvent Online Censorship". ssd.eff.org. Archived from the original on 2018-12-23.