Country bans: Good or not?

During my daily routine, when I check all the sites I have to, Google Webmaster Group, and other forums I visit, I noticed a, well… Let’s say trend: more and more webmasters think that it’s a good idea to ban whole countries from their websites and servers. So is this wise or just a result of a momentary panic?

Let’s see first why would do it? The most convenient explanation would be that you get attacks, let it be SPAM or DOS, from a specific country and to stop it, you just ban the whole country. Let’s say you have a basic server, running Apache. To ban a country is quite easy, you supply a feed with the IPs you want to ban and you’re done. Even with IPTables would be easy enough to ban a country, say most half an hour with searching included.
Let’s take a small number of aggressive clients, say 1.000 clients concurs for connection to the servers/website, and you decide to ban a whole country. The most offensive country at the moment of this post is China. China has approximately 1/6 of the World’s population. Basically if you ban 1 billion people from accessing your site just because of those 1.000 who are attacking it, well… it’s pity. You can only lose, mostly visitors coming from search engines. You will have you webserver standing steadily, but you lost revenue, as visitors equals revenue. And as a general rule of the thumb, the aggressive clients WILL give up after a moment, switch off the server, shut down the ports they are using for an hour, something, anything, but ban a whole country?!

The second case, you ban countries just because you don’t offer anything for those countries. Or you think you don’t offer.
This was very painful for me to learn, but for some reason big corporations’ webmasters do it often, and it’s so frustrating. I test a lot of IT equipment, usually stuff which didn’t appear yet in my country, I try to visit the manufacturer’s website to download a driver and I can not, because the IP I have, and all the country has, is banned from the server I want to access! How foolish…

Recent case is one of my tests with an eMachines notebook. I knew the firm is owned by Acer, yet Acer has no drivers for eMachines equipments. I check the website, emachines.com and miracle: I can’t access it, it times out. This is a common case when your IP is banned on server level, since the server won’t serve you anything, no 403 message, no nothing, not even a single ICMP package. So I tried to access the website through a server which is located in a different country, still in Europe. No luck. After a few more tries with EU servers, I try with a US server, located in Dallas. And what a joy: I could access the above link. Later I tried with a Canadian server and I could access the website. In total, I tested it with 46 servers which are under my management, and ONLY the US and Canadian servers could fetch the site.
Yet, eMachines started to export notebooks in my country and since they are cheep, people buy it like sugar, but their only option is the provided driver CD/DVD… which is not good for XP
So if you need an XP driver for something, you either code it for yourself (i know), or you switch to Vista as the drivers provided on that media is good only for this OS.

So, what do you think, is it good to ban a whole country or not?