Mdthbs

What exactly is a web font, and what does converting to one involve?

With a 500GB SSD and a 250GB SSD is it possible to mirror a 250GB partition on the 500GB with the 250GB SSD using ZFS?

Plot irregular circle in latex

Paradox regarding phase transitions in relativistic systems

What’s a “dissipated” garment supposed to be?

Is it safe to unplug a blinking USB drive after 'safely' ejecting it?

How to convey to the people around me that I want to disengage myself from constant giving?

Does Mage Hand give away the caster's position?

Why would a fighter use the afterburner and air brakes at the same time?

Plausibility and performance of a composite longbow

Why do we need to use transistors when building an OR gate?

Inquiry answerer

Statistical tests for benchmark comparison

Is the name of an interval between two notes unique and absolute?

What's the word for a student who doesn't register but goes to a class anyway?

Why are two-stroke engines nearly unheard of in aviation?

Does rpcpassword need to be non-obvious in bitcoind?

How is underwater propagation of sound possible?

What are the end bytes of *.docx file format

Should the pagination be reset when changing the order?

Is it possible that the shadow of The Moon is a single dot during solar eclipse?

Is this adjustment to the Lucky feat underpowered?

Account creation and log-in system

Why is belonging not transitive?

Is there any actual security benefit to restricting foreign IPs?

Will my company’s VPN work internationally, and will it alert them or display as a security threat?Is there any added security benefit to username complexity requirements?Are there any web application security standards?Are there “LAN IPs” on the internet?Adding hash value to user supplied URL in a web application: any security benefit?What benefit is there to Craigslist's phone number masking?Is there any security reason to not post your IP address somewhere?Is there any way to link two different IPs to eachother by identifying the router they came from?Is there any security benefit to not using cookies?Security increase by use of uncommon IPs?Is there any security threat of using 'curl https://ipinfo.io/ip' to find our IP?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}

5

I am currently outside the US trying to log in to my health care provider's website and the connection just times out. I reached out to them on Twitter and they told me that as a security measure they block connections from outside of the US and suggest I use a VPN.

So great I can use a VPN to solve my problem. But I am curious, is there any real security advantage to this sort of IP blocking? I am a geek (WebDev) but not a security specialist so I am sure I am missing something, but it seems to me that if I can use a VPN to connect from Europe then any reasonable hacker would just do the same thing.

web-application ip geolocation

share|improve this question

edited 8 hours ago

schroeder♦

86.1k3434 gold badges192192 silver badges231231 bronze badges

asked 9 hours ago

Matthew NicholsMatthew Nichols

12633 bronze badges

New contributor

Matthew Nichols is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  It may mitigate the random port scans that come from botnets. It's like a picket fence; kids aren't going to run into your yard, but it's not going to stop a burglar who has targeted your house.
  
  – Ghedipunk
  9 hours ago
  

  
  
  
  

add a comment
 | 

5

I am currently outside the US trying to log in to my health care provider's website and the connection just times out. I reached out to them on Twitter and they told me that as a security measure they block connections from outside of the US and suggest I use a VPN.

So great I can use a VPN to solve my problem. But I am curious, is there any real security advantage to this sort of IP blocking? I am a geek (WebDev) but not a security specialist so I am sure I am missing something, but it seems to me that if I can use a VPN to connect from Europe then any reasonable hacker would just do the same thing.

web-application ip geolocation

share|improve this question

edited 8 hours ago

schroeder♦

86.1k3434 gold badges192192 silver badges231231 bronze badges

asked 9 hours ago

Matthew NicholsMatthew Nichols

12633 bronze badges

New contributor

Matthew Nichols is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  It may mitigate the random port scans that come from botnets. It's like a picket fence; kids aren't going to run into your yard, but it's not going to stop a burglar who has targeted your house.
  
  – Ghedipunk
  9 hours ago
  

  
  
  
  

add a comment
 | 

I am currently outside the US trying to log in to my health care provider's website and the connection just times out. I reached out to them on Twitter and they told me that as a security measure they block connections from outside of the US and suggest I use a VPN.

So great I can use a VPN to solve my problem. But I am curious, is there any real security advantage to this sort of IP blocking? I am a geek (WebDev) but not a security specialist so I am sure I am missing something, but it seems to me that if I can use a VPN to connect from Europe then any reasonable hacker would just do the same thing.

web-application ip geolocation

share|improve this question

edited 8 hours ago

schroeder♦

86.1k3434 gold badges192192 silver badges231231 bronze badges

asked 9 hours ago

Matthew NicholsMatthew Nichols

12633 bronze badges

New contributor

Matthew Nichols is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

edited 8 hours ago

schroeder♦

86.1k3434 gold badges192192 silver badges231231 bronze badges

asked 9 hours ago

Matthew NicholsMatthew Nichols

12633 bronze badges

New contributor

Matthew Nichols is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

edited 8 hours ago

schroeder♦

86.1k3434 gold badges192192 silver badges231231 bronze badges

asked 9 hours ago

Matthew NicholsMatthew Nichols

12633 bronze badges

New contributor

Matthew Nichols is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

edited 8 hours ago

schroeder♦

86.1k3434 gold badges192192 silver badges231231 bronze badges

edited 8 hours ago

schroeder♦

86.1k3434 gold badges192192 silver badges231231 bronze badges

asked 9 hours ago

Matthew NicholsMatthew Nichols

12633 bronze badges

New contributor

Matthew Nichols is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 9 hours ago

Matthew NicholsMatthew Nichols

12633 bronze badges

1 Answer
1

active

oldest

votes

8

The concept is "reducing the threat surface". If there is an expectation that no connections will be made from a certain geographic area, then it makes sense to block that area, because, by definition, it is not legitimate. In theory. (For a health provider, it's a weird choice since customers might want to manage their health while traveling, but this is a side issue.)

For one company I worked for, there was a list of countries that listed the Top 12 worst offenders for cybercrime, and we did not have any customers in those countries. So, it made sense to block them.

Could attackers use proxies/VPNs to attack from an allowed IP? You bet. Did they? Who knows. Did we experience high volumes of attacks from those 12 counties anyway? Oh yes. We saw an immediate 80% drop in traffic to our webservers when we started the geo-IP ban.

share|improve this answer

edited 7 hours ago

answered 9 hours ago

schroeder♦schroeder

86.1k3434 gold badges192192 silver badges231231 bronze badges

• 
  
  
  

  
  3
  

  
  
  
  
  
  

  
  
  OK great so there is at least some utility. Whether it is worth the inconvenience to actual customers is as you acknowledge a separate issue.Thanks.
  
  – Matthew Nichols
  8 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @MatthewNichols you got it
  
  – schroeder♦
  7 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  My company kept getting pings by random overseas "users" where we didn't have any clients, so we banned those countries as well. Basically, it makes it harder to be picked up by a random pickpocket, but it's not going to stop a targeted attack (the cynic in me says nothing has been found yet to stop a targeted attack).
  
  – Hosch250
  3 mins ago
  

  
  
  
  

add a comment
 | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

Matthew Nichols is a new contributor. Be nice, and check out our Code of Conduct.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f218098%2fis-there-any-actual-security-benefit-to-restricting-foreign-ips%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

8

The concept is "reducing the threat surface". If there is an expectation that no connections will be made from a certain geographic area, then it makes sense to block that area, because, by definition, it is not legitimate. In theory. (For a health provider, it's a weird choice since customers might want to manage their health while traveling, but this is a side issue.)

For one company I worked for, there was a list of countries that listed the Top 12 worst offenders for cybercrime, and we did not have any customers in those countries. So, it made sense to block them.

Could attackers use proxies/VPNs to attack from an allowed IP? You bet. Did they? Who knows. Did we experience high volumes of attacks from those 12 counties anyway? Oh yes. We saw an immediate 80% drop in traffic to our webservers when we started the geo-IP ban.

share|improve this answer

edited 7 hours ago

answered 9 hours ago

schroeder♦schroeder

86.1k3434 gold badges192192 silver badges231231 bronze badges

• 
  
  
  

  
  3
  

  
  
  
  
  
  

  
  
  OK great so there is at least some utility. Whether it is worth the inconvenience to actual customers is as you acknowledge a separate issue.Thanks.
  
  – Matthew Nichols
  8 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @MatthewNichols you got it
  
  – schroeder♦
  7 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  My company kept getting pings by random overseas "users" where we didn't have any clients, so we banned those countries as well. Basically, it makes it harder to be picked up by a random pickpocket, but it's not going to stop a targeted attack (the cynic in me says nothing has been found yet to stop a targeted attack).
  
  – Hosch250
  3 mins ago
  

  
  
  
  

add a comment
 | 

8

The concept is "reducing the threat surface". If there is an expectation that no connections will be made from a certain geographic area, then it makes sense to block that area, because, by definition, it is not legitimate. In theory. (For a health provider, it's a weird choice since customers might want to manage their health while traveling, but this is a side issue.)

For one company I worked for, there was a list of countries that listed the Top 12 worst offenders for cybercrime, and we did not have any customers in those countries. So, it made sense to block them.

Could attackers use proxies/VPNs to attack from an allowed IP? You bet. Did they? Who knows. Did we experience high volumes of attacks from those 12 counties anyway? Oh yes. We saw an immediate 80% drop in traffic to our webservers when we started the geo-IP ban.

share|improve this answer

edited 7 hours ago

answered 9 hours ago

schroeder♦schroeder

86.1k3434 gold badges192192 silver badges231231 bronze badges

• 
  
  
  

  
  3
  

  
  
  
  
  
  

  
  
  OK great so there is at least some utility. Whether it is worth the inconvenience to actual customers is as you acknowledge a separate issue.Thanks.
  
  – Matthew Nichols
  8 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @MatthewNichols you got it
  
  – schroeder♦
  7 hours ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  My company kept getting pings by random overseas "users" where we didn't have any clients, so we banned those countries as well. Basically, it makes it harder to be picked up by a random pickpocket, but it's not going to stop a targeted attack (the cynic in me says nothing has been found yet to stop a targeted attack).
  
  – Hosch250
  3 mins ago
  

  
  
  
  

add a comment
 | 

The concept is "reducing the threat surface". If there is an expectation that no connections will be made from a certain geographic area, then it makes sense to block that area, because, by definition, it is not legitimate. In theory. (For a health provider, it's a weird choice since customers might want to manage their health while traveling, but this is a side issue.)

For one company I worked for, there was a list of countries that listed the Top 12 worst offenders for cybercrime, and we did not have any customers in those countries. So, it made sense to block them.

Could attackers use proxies/VPNs to attack from an allowed IP? You bet. Did they? Who knows. Did we experience high volumes of attacks from those 12 counties anyway? Oh yes. We saw an immediate 80% drop in traffic to our webservers when we started the geo-IP ban.

share|improve this answer

edited 7 hours ago

answered 9 hours ago

schroeder♦schroeder

86.1k3434 gold badges192192 silver badges231231 bronze badges

share|improve this answer

edited 7 hours ago

answered 9 hours ago

schroeder♦schroeder

86.1k3434 gold badges192192 silver badges231231 bronze badges

answered 9 hours ago

schroeder♦schroeder

86.1k3434 gold badges192192 silver badges231231 bronze badges

answered 9 hours ago

schroeder♦schroeder

86.1k3434 gold badges192192 silver badges231231 bronze badges