cancel
Showing results for 
Search instead for 
Did you mean: 

Reasoning behind IP blocking?

N/A

Reasoning behind IP blocking?

Can I ask what the reasoning behind preventing access to various services via IP blocks has been?

At first glance people will see that PlusNet are doing something, but in practical terms I can't see it helping. Anyone who really wants to bypass these blocks can easily do so, while valid customers are being inconvenienced.
4 REPLIES
Community Veteran
Posts: 4,729
Registered: 04-04-2007

Reasoning behind IP blocking?

"Low hanging fruit."

The chance is that the recent webmail attack was not aimed at PlusNet but at @Mail.

So if IP address blocks had stopped the attacker from finding PlusNet's @Mail installation, then he would have moved on to another target.

Chilly
N/A

Reasoning behind IP blocking?

I'm sure the recent attack was aimed at outdated and flawed installations of @mail. But two things.. Firstly they're trying to close the stable door after the horse has bolted. And secondly, who says a 'UK' IP wasn't used? There's plenty of BotNet's out there to take advantage of for scanning, with IP's from just about everywhere in the world.

The problem here was most definitely not one of IP addresses. If someone someone was scanning for vulnerable systems, the real way PlusNet would not have been a target was to have not been running a vulnerable system. Not to have blocked 'non UK' IP's.

The idea of focussing efforts on known vector after an attack is bad practice. Once a route has been used and closed it won't be focussed upon again. Generalised good practices are needed, not knee-jerk reactions.

Someone's not going to revisit the scene of a crime using the same means, and if they wanted to it's well known that they are blocking certain IP's so someone will spook their way in if tehy didn't have direct access to an IP within the 'wall'. If PlusNet still think their systems have holes, stop them and close them. If they think they're safe, don't use petty half-arsed measures that only inconvenience customers.

So sorry chilly, I'm not buying that as a good explanation Smiley It may be the reasoning used, but if so.. it's pretty bad IMHO.
Community Veteran
Posts: 4,729
Registered: 04-04-2007

Reasoning behind IP blocking?

I agree its blunt, but IMHO worthwhile while.

Chilly
N/A

Reasoning behind IP blocking?

Fair enough Smiley We'll have to agree to differ on this one then.

I still don't see it as doing anything beyond a perceived good. It makes it look like something is being done but serves very little practical purpose.

But sadly that seems to be the approach to security beyond just PlusNet or Computers these days..