Talk:IP blocking
From Wikipedia, the free encyclopedia
What about ip blocking as in software
Is that legal? ugen64 21:14, Feb 24, 2004 (UTC)
- Never mind... ugen64 21:14, Feb 24, 2004 (UTC)
- Is this really the right place for a dammed ad? 82.82.51.134 01:14, 20 Mar 2004 (UTC)
-
- no. - Hephaestos|ยง 01:15, 20 Mar 2004 (UTC)
[edit] Evasion/Effectiveness of IP Blocking
What about methods of evading an IP ban, and it's effectiveness? For example I believe some people's ISP assigns them a different IP address quite often, as mine seems to. I also heard that a proxy can be used to evade an IP ban, though I barely know what this means.
[edit] A Detailed Response
Preface - please let me know if you think the following should be included in the article page for IP blocking. I can provide numerous written texts, both in book from and from the annals of the IEEE that detail the original structure of the Internet and how it has evolved into what it is today.
Thanks! Dr1819 19:47, 10 June 2006 (UTC)
As a networking security consultant, and member of IEEE, I strongly oppose IP address banning for several key reasons:
1. It's duck-hunting with nuclear weapons, targeting numerous innocent users. Banning even one IP address can hurt tens, hundreds, even thousands of legitimate users, depending upon how many users reside behind that address. "Just one" you say? Think again! In fact, most users of the Internet no longer have static IP addresses. Static IP addresses have been relegated to content providers, and even that is began changing several years ago with the introduction of dynamic DNS. Back on the client side, many corporations, including quite a few Internet Service Providers, have switched from proxies to NATs because of greater security of NATs, and the significantly lower costs of managing users' IP address.
2. Banning ranges of IP address in an attempt to "smother" an elusive user simply multiplies these consequences. For example, I know of one ISP that uses just four Class C IP addresses in it's Internet presentation, yet has more than 15,000 subscribers behind it's NAT implementation. Users can appear to be any one of the four when they start their systems. Banning the entire class C range would ban, at a minimum, slightly more than 65,000 users, and can potentially number in the millions, depending upon who's behind what level of NAT devices.
3. It does nothing to deter networking-savvy users, as IP addresses are far to easily spoofed. I often demonstrate this to my clients by re-registering and posting new content after being "test-banned," and without using a proxy.
4. Proxies can work around the problem, but can also be detected. While detecting and eliminating proxies isn't difficult, it's impossible to detect and elminate a NAT-based firewall, which can be configured to look like any machine, even those from a completely different device or manufacturer, including it's MAC address. Since Internet firewall software is a very good thing (keeps hackers and hijackers at bay), requiring users to turn it off so that the server can ping the user (or user other less well known but highly effective tools to make a more positive ID of the network interface card) is, by comparison, a very bad thing. Going that route promotes a very unsafe Internet, and should be avoided at all costs.
5. DHCP, or Dynamic Host Control Protocol, is used to provide IP addresses to most cable and DSL modem users. Put simply, users are assigned a new IP address each time they connect their computer (or router) to the Internet. Getting a new IP address is a simply matter of turning off your equipment long enough for your previous IP address to be assigned to someone else. One problem with IP address banning is that the new user who inherets the banned IP address won't be able to use Wiki!
Thus, IP address banning is extremely dated and has not been a valid approach since static IP addresses headed out the window when [RFC 1531] was published in 1993. Given the current organization and structure of the Internet, including the fact that most users no longer have static IP addresses, IP address banning is has become highly injurious to the Internet community as a whole, inadvertantly targeting large numbers of innocent users, which causes serious consternation and discontent among the innocent. Websites who continue to employ this very outdated control cause significant harm to the Internet community. In summary, it should never be a policy of any website catering to large numbers of users.
Fortunately, there are several alternatives to IP address banning, including content comparison software. Most users are fairly well-behaved, and troublemakers make up a small percent. It's not a difficult task to install a software that compares content from recently banned members with that posted by new members, particularly those that begin posting on the same pages. While it shouldn't be used alone as a criteria for banning, it can help support a decision based upon how well the two match with respect to the general vocabulary used, the grammer, and even the style of writing. A good rule of thumb to limit what's considered a "positive ID" to the worst few percent, and deal with the rest using the following guidelines:
The most effective way to keep things civil is to enforce standards with grace, primarily by example, particularly by the admins. If admins are grossly violating the rules in their attempts to corral a rogue user, perhaps their approach is flawed. It's always good policy to work with the users, helping those who're wayward to learn more about what's acceptable and what's not, not only with what's considered good content, but also with sound practices for debating content. Using buttoms to automate some of the reminders and "lesson's learned" can greatly ease this task. Online content software can, and should continue to be developed that will force the user to read pertinant guidelines, and even take a short 3 to 5 question test before their posting privaleges are restored. The good news is that everything except the initial assessment of someone's post can be automated by the software.
One final comment is that online content that require users to log in before posting experience a significantly lower rate of problems, on average, than those which allow anonymous posting. Dr1819 19:47, 10 June 2006 (UTC) Updated Dr1819 -- The present entry only discusses the use by web sites to block incoming communications from certain IP addresses. It ignores the wide-spread use by individuals for blocking their IP addresses so web sites cannot determine who is reading or downloading from the site. Some people do this for unlawful purposes, or to post defamatory, obscene or threatening messages without being identifiable. Others may do it for quite reasonable purposes. For example, some companies may collect static IP addresses and add the person to an email list for announcing new products.
It would be good for someone to add this information to the Wikipedia posting on IP blocking. David Simon