IP address blocking or IP banning is a configuration of a network service that blocks requests from hosts with certain IP addresses. IP address blocking is commonly used to protect against brute force attacks and to prevent access by a disruptive address. It can also be used to restrict access to or from a particular geographic area; for example, syndicating content to a specific region through the use of Internet geolocation. [1]
IP address blocking can be implemented with a hosts file (e.g., for Mac, Windows, Android, or OS X) or with a TCP wrapper (for Unix-like operating systems). It can be bypassed using methods such as proxy servers; however, this can be circumvented with DHCP lease renewal.
Every device connected to the Internet is assigned a unique IP address, which is needed to enable devices to communicate with each other. With appropriate software on the host website, the IP address of visitors to the site can be logged and can also be used to determine the visitor's geographical location. [2] [3]
Logging the IP address can, for example, monitor if a person has visited the site before, for example, to vote more than once, as well as to monitor their viewing pattern, how long since they performed any activity on the site (and set a time out limit), besides other things.
Knowing the visitor's geolocation indicates, besides other things, the visitor's country. In some cases, requests from or responses to a certain country would be blocked entirely. Geo-blocking has been used, for example, to block shows in certain countries, such as censoring shows deemed inappropriate. This is especially frequent in places such as China. [4] [5]
Internet users may circumvent geo-blocking and censorship and protect their personal identity using a Virtual Private Network. [4]
On a website, an IP address block can prevent a disruptive address from access, though a warning and/or account block may be used first. Dynamic allocation of IP addresses by ISPs can complicate IP address blocking by making it difficult to block a specific user without blocking many IP addresses (blocks of IP address ranges), thereby creating collateral damage. [6] For websites with low-enough popularity (often intentionally, with explicitly declaring the majority of potential visitors as out-of-scope) the large-scale collateral damage is often tolerable: most of website accesses, for addresses belong to the same IP range, are accesses of persons just having a dynamic IP address, but the same Internet service provider (ISP), country, city and city districts, based on which IP ranges are assigned by ISPs. On websites with low-enough total visitor count, it is improbable that all these features match more than a single person. For large websites, Terms of Services usually reserve the right of their admins to block access at own discretion, enabling them to create collateral damage this way.
Unix-like operating systems commonly implement IP address blocking using a TCP wrapper, configured by host access control files /etc/hosts.deny and /etc/hosts.allow.
Both companies and schools offering remote user access use Linux programs such as DenyHosts or Fail2ban for protection from unauthorized access while allowing permitted remote access. This is also useful for allowing remote access to computers. It is also used for Internet censorship.
IP address blocking is possible on many systems using a hosts file, which is a simple text file containing hostnames and IP addresses. Hosts files are used by many operating systems, including Microsoft Windows, Linux, Android, and OS X.
Proxy servers and other methods[ which? ] can be used to bypass the blocking of traffic from IP addresses. [7] However, anti-proxy strategies are available. Consumer-grade internet routers can sometimes obtain a new public IP address on-demand from the ISP using DHCP lease renewal to circumvent individual IP address blocks. This, however, can be countered by blocking the range of IP addresses from which the internet service provider is assigning new IP addresses, which is usually a shared IP address prefix. However, this may impact legitimate users from the same internet service provider who have IP addresses in the same range, which inadvertently creates a denial-of-service attack.
In the case Craigslist v. 3Taps (2013), US federal judge Charles R. Breyer held that circumventing an address block to access a website is a violation of the Computer Fraud and Abuse Act for "unauthorized access", and is thus punishable by civil damages.
An Internet filter is software that restricts or controls the content an Internet user is capable to access, especially when utilized to restrict material delivered over the Internet via the Web, Email, or other means. Such restrictions can be applied at various levels: a government can attempt to apply them nationwide, or they can, for example, be applied by an Internet service provider to its clients, by an employer to its personnel, by a school to its students, by a library to its visitors, by a parent to a child's computer, or by an individual user to their own computers. The motive is often to prevent access to content which the computer's owner(s) or other authorities may consider objectionable. When imposed without the consent of the user, content control can be characterised as a form of internet censorship. Some filter software includes time control functions that empowers parents to set the amount of time that child may spend accessing the Internet or playing games or other computer activities.
An Internet Protocol address is a numerical label such as 192.0.2.1 that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface identification, and location addressing.
In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and possibly performance in the process.
Dynamic DNS (DDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.
In computing, Internet geolocation is software capable of deducing the geographic position of a device connected to the Internet. For example, the device's IP address can be used to determine the country, city, or ZIP code, determining its geographical location. Other methods include examination of Wi-Fi hotspots,
Freegate is a software application developed by Dynamic Internet Technology (DIT) that enables internet users to view websites blocked by their governments. The program takes advantage of a range of proxy servers called Dynaweb. This allows users to bypass Internet firewalls that block web sites by using DIT's Peer-to-peer (P2P)-like proxy network system. FreeGate's anti-censorship capability is further enhanced by a new, unique encryption and compression algorithm in the versions of 6.33 and above. Dynamic Internet Technology estimates Freegate had 200,000 users in 2004. The maintainer and CEO of DIT is Bill Xia.
Internet censorship is the legal control or suppression of what can be accessed, published, or viewed on the Internet. Censorship is most often applied to specific internet domains but exceptionally may extend to all Internet resources located outside the jurisdiction of the censoring state. Internet censorship may also put restrictions on what information can be made internet accessible. Organizations providing internet access – such as schools and libraries – may choose to preclude access to material that they consider undesirable, offensive, age-inappropriate or even illegal, and regard this as ethical behavior rather than censorship. Individuals and organizations may engage in self-censorship of material they publish, for moral, religious, or business reasons, to conform to societal norms, political views, due to intimidation, or out of fear of legal or other consequences.
Most Internet censorship in Thailand prior to the September 2006 military coup d'état was focused on blocking pornographic websites. The following years have seen a constant stream of sometimes violent protests, regional unrest, emergency decrees, a new cybercrimes law, and an updated Internal Security Act. Year by year Internet censorship has grown, with its focus shifting to lèse majesté, national security, and political issues. By 2010, estimates put the number of websites blocked at over 110,000. In December 2011, a dedicated government operation, the Cyber Security Operation Center, was opened. Between its opening and March 2014, the Center told ISPs to block 22,599 URLs.
DNS hijacking, DNS poisoning, or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries. This can be achieved by malware that overrides a computer's TCP/IP configuration to point at a rogue DNS server under the control of an attacker, or through modifying the behaviour of a trusted DNS server so that it does not comply with internet standards.
On 5 December 2008, the Internet Watch Foundation (IWF), a British watchdog group, blacklisted content on the English Wikipedia related to Scorpions' 1976 studio album Virgin Killer, due to the presence of its controversial cover artwork, depicting a young girl posing nude, with a faux shattered-glass effect obscuring her genitalia. The image was deemed to be "potentially illegal content" under English law which forbids the possession or creation of indecent photographs of children. The IWF's blacklist is used in web filtering systems such as Cleanfeed.
Internet censorship circumvention, also referred to as going over the wall or scientific browsing in China, is the use of various methods and tools to bypass internet censorship.
VPN blocking is a technique used to block the encrypted protocol tunneling communications methods used by virtual private network (VPN) systems. Often used by large organizations such as national governments or corporations, it can act as a tool for computer security or Internet censorship by preventing the use of VPNs to bypass network firewall systems.
PirateBrowser is an Internet browser by The Pirate Bay used to circumvent Internet censorship.
The precise number of websites blocked in the United Kingdom is unknown. Blocking techniques vary from one Internet service provider (ISP) to another with some sites or specific URLs blocked by some ISPs and not others. Websites and services are blocked using a combination of data feeds from private content-control technology companies, government agencies, NGOs, court orders in conjunction with the service administrators who may or may not have the power to unblock, additionally block, appeal or recategorise blocked content.
The child abuse image content list is a list of URLs and image hashes provided by the Internet Watch Foundation to its partners to enable the blocking of child pornography & criminally obscene adult content in the UK and by major international technology companies.
Geo-blocking, geoblocking or geolocking is technology that restricts access to Internet content based upon the user's geographical location. In a geo-blocking scheme, the user's location is determined using Internet geolocation techniques, such as checking the user's IP address against a blacklist or whitelist, GPS queries in the case of a mobile device, accounts, and measuring the end-to-end delay of a network connection to estimate the physical location of the user. The IP address location tracking, a field pioneered by Cyril Houri, the inventor of one of the first systems capable of identifying a user's geographical location via their IP address. is typically used for geo-blocking. This technology have become widely used in fraud prevention, advertising, and content localization, which are integral to geo-blocking applications. The result of the checks is used to determine whether the system will approve or deny access to the website or to particular content. The geolocation may also be used to modify the content provided, for example, the currency in which goods are quoted, the price or the range of goods that are available, besides other aspects.
Internet censorship in Switzerland is regulated by the Federal Supreme Court of Switzerland on a case by case basis. Internet services provided by the registered with BAKOM Internet service providers (ISPs) are subject to a "voluntary recommendation" by the Federal Supreme Court of Switzerland, which requires blocking of websites just after 18 December 2007. As of October 2015, this might change soon and additional topics like Online gambling are on the focus now.
Domain fronting is a technique for Internet censorship circumvention that uses different domain names in different communication layers of an HTTPS connection to discreetly connect to a different target domain than that which is discernable to third parties monitoring the requests and connections.
A virtual private network (VPN) service provides a proxy server to help users bypass Internet censorship such as geo-blocking and users who want to protect their communications against data profiling or MitM attacks on hostile networks.
Snowflake is a software package for assisting others in circumventing internet censorship by relaying data requests. Snowflake relay nodes are meant to be created by people in countries where Tor and Snowflake are not blocked. People under censorship then use a Snowflake client, packaged with the Tor Browser or Onion Browser, to access the Tor network, using Snowflake relays as proxy servers. Access to the Tor network can in turn give access to other blocked services. A Snowflake node can be created by either installing a browser extension, installing a stand-alone program, or browsing a webpage with an embedded Snowflake relay. The node runs whenever the browser or program is connected to the internet.
Media related to IP address blocking at Wikimedia Commons