Blackholing stops DDOS attacks but shuts off all traffic

Blackholing stops DDOS attacks but consumes everything else too

What it is: The most recent distributed denial of service survey from Prolexic  shows that denial of service attack durations, the total time an attack is active, increased this year to 34.4 hours, up from 32 hours last year. Packet rates and bandwidth used during attacks also is up. To weather the storm, service providers can employ blackholing techniques, which prevents all traffic from reaching its destination.

How It Works: Blackholing is a common defense against spam, in which an Internet service provider blocks packets from a domain or IP address, but the technique can be used against DDOS attacks. The problem with a DDOS attack is that not only is the website in question affected, but also others that are sharing the same servers or even routers. Thus, an attack on one agency can affect others if they are closely networked.

When under a massive attack, a black hole can be employed in a kind of "we had to burn the village to save it" approach. All website traffic, covering both legitimate users trying to access information and the fake attack requests, are sent into a black hole, or null route, Prolexic said. The requests aren't processed in any way. Anything trying to access the website is simply dropped. After the attack has stopped, an average of 34 hours later, the black hole is removed and the website is back online. The extra traffic from the attack doesn't affect any connected systems.

Bottom Line: Although effective in protecting other sites, the use of blackholing helps the hackers accomplish their task. The whole point of DDOS is to deny service. Taking a website offline and routing all traffic to a black hole does that. But as attacks increase in size, power and efficiency, more websites and service providers may have to employ it to protect the greater networks.

About the Author

John Breeden II is a freelance technology writer for GCN.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected