IP address blocking

[1] IP address blocking can be implemented with a hosts file (e.g., for Mac, Windows, Android, or OS X) or with a TCP wrapper (for Unix-like operating systems).

[4][5] Internet users may circumvent geo-blocking and censorship and protect their personal identity using a Virtual Private Network.

For large websites, Terms of Services usually reserve the right of their admins to block access at own discretion, enabling them to create collateral damage this way.

Unix-like operating systems commonly implement IP address blocking using a TCP wrapper, configured by host access control files /etc/hosts.deny and /etc/hosts.allow.

Hosts files are used by many operating systems, including Microsoft Windows, Linux, Android, and OS X.

However, this may impact legitimate users from the same internet service provider who have IP addresses in the same range, which inadvertently creates a denial-of-service attack.

A letter from the Russian Federal Security Service (FSB) about IP blocking of ProtonMail [ relevant? ]