undefined | Better HN

0 pointsjexah8y ago0 comments

One obvious case is DoS attacks. Rudimentary attacks can be mitigated by blocking IP addresses of the attacker.

Another example is logging requests to secure sections of the site and/or server and perform IP blocks on fishy activity.

0 comments

3 comments · 1 top-level

beojan8y ago· 2 in thread

You can do that with a hash of the IP.

How would this work? You can't just sha256 IPs as that'd be trivial to reverse, no different from storing the plaintext.

I don't see why the IPs would ever have to hit the disk for this purpose, just keep them cached in RAM for a few minutes.

Salt the hashes, perhaps use PBKDF2. The problem is solved for passwords, just treat IPs like low entropy passwords.

j / k navigate · click thread line to collapse