Christopher Morrow wrote:
I think it was Abovenet that blackholed a /24 of (I want to say MAPS, but that's not right) an anti-spam-RBL sometime pre-1999?
If I'm not mistaken, that was ORBS.
perhaps they had a significant number of complaints about the address block and no reaction from the owner(s)? or the address block (or hosts in it) were scanning their infrastucture, or dos'ing it or???
Such action has always been a last-ditch when I've had to deal with severe network abuse/denial of service. Doing it on routers at the network core and not just at the edge where the affected systems or customers interconnect seems pretty severe, though.
There are a whole host of reasons one might conjecture. In ALL cases you'd never put in a /24 but a pair of /25 so that you didn't become the best path for the rest of the internets...
Even then, one would hope filters would be in place to keep it from traversing outside of their local AS, at least in a more perfect world. Of course, another recent incident disproving that theory comes to mind... -Kam