[Info-vax] List of denied IP addresses
Dennis Boone
drb at ihatespam.msu.edu
Fri Mar 25 09:11:05 EDT 2022
> I figure we don't sell to Russia any more anyway. So where's the harm?
The potential harm is that such lists are at best approximations:
They're prone to not having _all_ the IPs assigned to a given geographic
area, due to errors or horse trading of IP blocks. Thus they may give a
false sense of security.
They're prone to including things that are no longer assigned to a given
geographic area, for the same reasons. They may therefore block wanted
traffic.
They fail to account for VPNs. Because of this, they may block wanted
traffic from legitimate but anonymity-conscious users who happened to be
assigned an outbound point within a blacklisted block.
They fail to account for the trivial availability of virtual machine
availability as a launching point for whatever activity is (not) being
blocked by the use of the list.
None of this means blacklists are completely useless, but one should not
use them without a firm understanding of the tradeoffs.
De
More information about the Info-vax
mailing list