- Posts: 466
- Thank you received: 0
IP Blocking
19 years 5 months ago #9272
by KiLLaBeE
IP Blocking was created by KiLLaBeE
I'm wondering...If someone has a dynamic IP address, and he is blocked from a website based on his IP address, couldn't he just disconnect from the internet, and sign back on (automaticly getting a new IP address, since he has a dynamic IP address) and be able to bypass the firewall's IP block?
If not, please explain.
Thank you.
If not, please explain.
Thank you.
19 years 5 months ago #9273
by DaLight
Replied by DaLight on topic Re: IP Blocking
That is true, but it all depends on how his ISP assigns addresses. With some ISPs depending on the size of their public IP allocation, it may be possible that when he reconnects he may have the same IP unless he's been signed off for a while.
- The_Berzerker
- Offline
- Premium Member
Less
More
- Posts: 318
- Thank you received: 0
19 years 5 months ago #9275
by The_Berzerker
Replied by The_Berzerker on topic Re: IP Blocking
That's true especially with dialup connections, but if someone is using an adsl connection with a dynamic ip he may have the same IP for about 3 days... The bad thing is that the new person that gets the blocked ip will not be able to browse to that webpage....
19 years 5 months ago #9279
by nske
Replied by nske on topic Re: IP Blocking
heh Berzerker, at home, I've had the same IP address for more than a month -my subscription has also expired some weeks now, but that's an other story
As Dalight said, it's a matter of the ISP's allocation policy.
Bans based on IP address serve only to make understandable to the user that he has done something wrong. Obviously it is easy to bypass that kind of blocking -there are numerous ways to be blocked based on other, more efficient identification criteria, but in the end there are only so much that one can do to and from a point after, it just doesn't worth the trouble: if the user is stuborn, wants to play it smart, has time to kill or whatever, he'll get through anyway.
As Dalight said, it's a matter of the ISP's allocation policy.
Bans based on IP address serve only to make understandable to the user that he has done something wrong. Obviously it is easy to bypass that kind of blocking -there are numerous ways to be blocked based on other, more efficient identification criteria, but in the end there are only so much that one can do to and from a point after, it just doesn't worth the trouble: if the user is stuborn, wants to play it smart, has time to kill or whatever, he'll get through anyway.
19 years 5 months ago #9280
by ping
The greatest pleasure in life is doing what people say you can not do..!!
Replied by ping on topic Re: IP Blocking
I was wondering if there are any other ways to block user from accesing one perticular site other than blocking it's ip ?
The greatest pleasure in life is doing what people say you can not do..!!
19 years 5 months ago #9289
by nske
Replied by nske on topic Re: IP Blocking
Sure, you can use whatever information are sent through the http headers (like the User-Agent, X-Forwarded-For or Accept-Language strings) or can be made available through a client side script (i.e. javascript), like resolution & colour bit depth, OS version, settings or file patterns and other.
It is also easy to block subcribers of a specific ISP, or of a specific department of an ISP, regardless of whether the IP addresses assigned are consistent, based on their reverse DNS which is usually consistent.
With a combination of the above you can give someone a hard time accessing the web page, but there is nothing of these information that can not be changed by the user, so in the end you may end up wasting resources from your server and from all your wanted users, or risking compatibility, just to delay one or two unwanted users that eventually will bypass all the checks
It is also easy to block subcribers of a specific ISP, or of a specific department of an ISP, regardless of whether the IP addresses assigned are consistent, based on their reverse DNS which is usually consistent.
With a combination of the above you can give someone a hard time accessing the web page, but there is nothing of these information that can not be changed by the user, so in the end you may end up wasting resources from your server and from all your wanted users, or risking compatibility, just to delay one or two unwanted users that eventually will bypass all the checks
Time to create page: 0.144 seconds