A Website Dedicated to Computer Professional...and some not so Professional

Why Doesn't ISP Providers Offer Geo-Blocking
Douglas Chick

There is a battle of blocking networks being fought among network administrators and network engineers that span the globe. This is largely attributed to ISPs not securing their network from Viruses, Spammers and Hacker and leaving it to the lowly network administrator responsible for protecting their networks and it is every person for themselves.

    What happens is this; One network administrator will contact another and say, "I have logged numerous attacks on my network from your network and I have no choice but to block your entire network range if you can not stop these assaults to my companies equipment." The other networker might respond by saying, "I would like to stop this but because this attacks don't really originate from my network and are in fact a spoofed IP number there is nothing that I can do to help you." So the network is blocked by another network and in retaliation it too is blocked, neither network can be reached by the other.  

Note: It is more common to reroute unwanted traffic to a null interface then to block them. This is because blocking takes up more resources on a router then to simply reroute them into a null interface, or bit bucket. 

     Blocking has become the number one tool for administrators to protect their systems. I think that I would drop my current ISP and all frame-relay and T1 circuits in a flash if a phone company would offer protection from hackers and self-propagating viruses that roam the information superhighway like nomads. You would think as starved as these Internet Providers are for business someone might think this a good idea. But then again, phone company executives are known for their bureaucracy, not their intellect. Company network administrators have been blocking spammers and hackers for years without any help from their ISP and this style of IP blocking has been our only means of protection. 

    The term "One Billion Chinese Hackers" is a reference to all of the viruses and hack attempts that originate from Asia. More specifically China, Korea and India. One could even say, in poor taste taste that is, that that these three countries are the computer network administrators axis of hacker terror. With respect to the Chinese, Indian and Korean people, if I thought I could just block out these countries from my network I would. Maybe I can but I don't know how to. After all, none of these countries need access to my company's network. They don't need to send anyone at my work e-mail, they don't need to interact with our website, so why can't I employ Geo Blocking on my router. Or even better, why don't ISP's provided International blocking as a default service? After all, phone companies offer international blocking for phone. 

     If a company doesn't do business internationally, they should have an option to be removed from participating on the global internet. This would stop 90 percent of the spam, viruses, and hacks. 


Search Now:
In Association with Amazon.com