Why did I receive this - your ip has been banned there was recaptcha dumbass?

727    Asked by AnishaDalal in Cyber Security , Asked on Sep 23, 2022

Why do people use IP address bans (e.g. to block a malicious user from an internet service) when IP addresses change often?


For example, we turn our router off every night so our IP address often changes in the morning. Furthermore, often a simple power-cycle is enough to change the IP address. Thus IP address bans are relatively ineffective.


On the other hand, banning IP addresses can cause a lot of grief for innocent users who are using the former IP addresses of a malicious user, and sometimes a range of IP addresses is banned thus causing the banning of innocent users to affect even more people.


So why are IP address bans still used?

P.S. I am referring specifically to long-term bans. I perfectly understand the advantages of short-term bans e.g. to put a block on a spam or DoS attack, or other situations where briefly disrupting the malicious traffic is beneficial.

Answered by Ankit Chauhan

Regarding your ip has been banned there was recaptcha dumbass -


IP address bans have flaws as you mention, but I think the primary reason they are used is simply that there aren't really any better alternatives. Other identifying features, like browser user agent, cookies, browser fingerprint, etc. are even easier to spoof or circumvent. There are plenty of extensions you can use to change your user agent or fingerprint, and cookies can simply be cleared.

For example, we turn our router off every night so our IP address often changes in the morning. Furthermore, often a simple power-cycle is enough to change the IP address. Thus IP address bans are relatively ineffective.

The ease with which you can change your IP address depends heavily on the ISP. For instance, back when I had Verizon DSL, my IP address would change each time I turned the modem off and back on just like what you describe. But after switching to Comcast, my IP address has not changed for the entire two years I've been with them, even after multiple power outages and modem restarts. So the "router reboot" workaround won't necessarily work for everyone.

Another thing you should consider is that even if you're one of those people who can change your IP address with a reboot, you're likely still getting an IP address from a fairly limited pool of addresses. This is because ISPs generally don't assign addresses completely randomly; they divide their service area into smaller areas (e.g. neighbourhoods), and then allocate a small range of addresses to assign to customers in each area. So if there was a really persistent and problematic user, a site administrator could ban the entire address range (though this could cause significant problems for other users as you mention).

Side note: It's worth mentioning that there are other ways of masking your IP address that get around this problem, like using a VPN service or Tor. Some sites, like Wikipedia, try to block all IP addresses of known public proxies to counter this. On the other hand, banning IP addresses can cause a lot of grief for innocent users who are using the former IP addresses of a malicious user, and sometimes a range of IP addresses is banned thus causing the banning of innocent users to affect even more people.

Yes, IP address bans are a blunt tool and this is one of the problems inherent with them. This is especially the case when an IP address is shared by hundreds or thousands of users in the same building, or even a large part of an entire nation via carrier-grade NAT. It is the responsibility of site administrators to minimise the effects of IP address bans on legitimate users. Various measures can be taken - for instance, you could make an effort to identify IP addresses that are shared and make sure those IP addresses are only banned for short periods, or make it so that users with a certain minimum reputation can still log in from banned IP addresses and remain unaffected by them. If done right, IP address bans can be very effective at blocking unwanted users while having minimal impact on legitimate ones.


Your Answer

Interviews

Parent Categories