This behavior is never defensible nor acceptable. In addition to being in the wrong with BGP hijacking a prefix, it appears that Mr. Townsend had the wrong target, too. We've been attacked a few dozen times by this botnet, and they could never muster anything near 200 gbps worth of traffic. They were orders of magnitude smaller, only around 8-16 gbps depending on attack.
Mr. Townsend's motives were wrong and so was his information. -richard On Sun, Sep 11, 2016 at 8:54 PM, Hugo Slabbert <h...@slabnet.com> wrote: > Hopefully this is operational enough, though obviously leaning more towards > the policy side of things: > > What does nanog think about a DDoS scrubber hijacking a network "for > defensive purposes"? > > http://krebsonsecurity.com/2016/09/alleged-vdos-proprietors-arrested-in-israel/ > > "For about six hours, we were seeing attacks of more than 200 Gbps hitting > us,” Townsend explained. “What we were doing was for defensive purposes. We > were simply trying to get them to stop and to gather as much information as > possible about the botnet they were using and report that to the proper > authorities.” > > -- > Hugo Slabbert | email, xmpp/jabber: h...@slabnet.com > pgp key: B178313E | also on Signal