Re: "Defensive" BGP hijacking?

[Richard Hesse <richard.hesse () weebly com>]

This behavior is never defensible nor acceptable.

In addition to being in the wrong with BGP hijacking a prefix, it
appears that Mr. Townsend had the wrong target, too. We've been
attacked a few dozen times by this botnet, and they could never muster
anything near 200 gbps worth of traffic. They were orders of magnitude
smaller, only around 8-16 gbps depending on attack.

Mr. Townsend's motives were wrong and so was his information.

-richard

On Sun, Sep 11, 2016 at 8:54 PM, Hugo Slabbert <hugo () slabnet com> wrote:
> Hopefully this is operational enough, though obviously leaning more towards the policy side of things:
>
> What does nanog think about a DDoS scrubber hijacking a network "for defensive purposes"?
>
> http://krebsonsecurity.com/2016/09/alleged-vdos-proprietors-arrested-in-israel/
>
> "For about six hours, we were seeing attacks of more than 200 Gbps hitting us,” Townsend explained. “What we were 
> doing was for defensive purposes. We were simply trying to get them to stop and to gather as much information as 
> possible about the botnet they were using and report that to the proper authorities.”
>
> --
> Hugo Slabbert       | email, xmpp/jabber: hugo () slabnet com
> pgp key: B178313E   | also on Signal