Skip to main content

Home Blackholing


(also internet blackholing)

Blackholing definition

Blackholing is a network security measure where traffic is directed into a ”black hole” and dropped into a network that goes nowhere. Network operators use blackholing to protect their networks by rerouting malicious traffic away from its intended target and absorbing it into a sinkhole, effectively making it disappear.

See also: personal VPN, brute-force attack, website spoofing

Blackholing examples

  • Cyberattacks: During a DDoS attack, blackholing can be used to reroute the overwhelming traffic to a null route or ”blackhole,” keeping the targeted servers safe.
  • Spam: Internet service providers may use blackholing to prevent spam emails from reaching users' inboxes.

Pros and cons of blackholing


  • Network protection: Blackholing helps protect servers from being overwhelmed during a DDoS attack, preserving the server's functionality and availability for legitimate users.
  • Cost-effective: Compared to other mitigation strategies, blackholing is a cost-effective method to deal with malicious traffic.


  • Indiscriminate: When a blackhole is activated, all traffic to the target IP is dropped, including legitimate traffic.
  • Temporary solution: Blackholing is a reactive measure, not a preventative one. It doesn't solve the root cause of the attack.

Using blackholing

  • During a DDoS attack, implement blackholing in conjunction with other protective measures for comprehensive network security.
  • Regularly review and update your network security strategy to ensure a multi-layered approach to cybersecurity.