On blocking access from large IP ranges

The Register recently republished a SecurityFocus article by Scott Granneman, called On blocking Chinese IP addresses, discussing the implications of blocking essentially all of China from accessing a web host due to the number of spam attacks from Chinese networks.

In the course of the article, Mr Granneman asks:

Here's a good question. What needs to come first: the needs of the web servers my friends run, or the needs of a guy sitting in Shanghai that wants to view the content of that web site?

In my opinion the answer is clear: the needs of your users come first. As for why, let me quote from the SAGE Code of Ethics:

  • I will design and maintain each system in a manner to support the purpose of the system to the organization.

What they said. My duty lies first to my own users, and only second to anyone else.

An open Internet is a great thing, and it would be nice to have one. But it is now less and less compatible with running systems that are useful to their users. I hate firewalling off large chunks of the net from our mailer, but I would hurt even more from our users fleeing email because of spam. And so I firewall.

Sorry, unnamed person in Shanghai. And I know that undoubtedly sounds cold to those who I am leaving out in the cold.

These are my WanderingThoughts
(About the blog)

GettingAround
Full index of entries
Recent comments

This is part of CSpace, and is written by ChrisSiebenmann.

* * *

Atom feeds are available; see the bottom of most pages.

This is a DWiki.
(Help)

Categories: links, linux, programming, python, snark, solaris, spam, sysadmin, tech, unix, web

Search:
Written on 01 September 2005.
(Previous | Next)
Page tools: View Source, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.
Last modified: Thu Sep 1 00:30:59 2005
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.