ipddosip-blocking

Blocking an IP would affect people other than the user I wanted to ban?


Do Internet Providers give the same IP for more than one customer?

I want to know if an ISP could give the same public IP address to more than one customer. Theoretically it is possible right?

If they can is it something they do regularly? I mean, not necessarily all the time, but I wonder if it's something that eventually happens

Me and my neighbor could be sharing the same IP to the internet?

My question actually comes from a security reason. To defend from DOS attackers I would ban their IPs for some time. Would other people get affected by that?

In a real production scenario, would you solve DOS by blocking IPs at application layer?


Solution

  • A public IP address is normally assigned to an internet connection. Typically that means an entire home or office or an individual mobile device. So you and your neighbor will typically (unless your neighbor is using your WiFi or vice versa) be on different IP addresses.

    However, many ISPs will recycle IP addresses. This happens frequently on mobile devices as the IP address at any moment will typically be assigned based on the cell tower you are connecting to. With cable, DSL and fiber connections your IP address may be constant for days or even months at a time, even without having a contracted static IP address.

    Where this really comes into play is blocking spam. Many spam filters depend in whole or in part on real-time blacklists (RBLs). I have also done similar things (aha! it IS a programming question!) to block spam robots from some customer web sites.

    If an IP address is associated with a region of the world where you do not expect to have many customers (or to receive any email from that region) then it is generally safe to block a large range of IP addresses. On the other hand, if the IP address is local to your customer base then blocking a large range would not be advisable, and even blocking one known problem IP address at a time can be problematic if either the IP address is reused and then effectively unavailable to some other potential customer OR if the IP address is actually an email server used by a large group of customers (this happens frequently with hosting providers that don't manage blacklist issues).