apnic abuse procedures network abuse bof. types of abuse reported spam hacking viruses...
DESCRIPTION
Abuse report statistics Recorded 30 Jul – 29 Aug spam reports 168 abuse reports –Does not include reports made to automated mailboxes: pieces of spam to andTRANSCRIPT
APNIC abuse procedures
Network abuse BOF
Types of abuse reported
• Spam• Hacking• Viruses• Identity/credit card fraud• Threats and stalking
Abuse report statistics
Recorded 30 Jul – 29 Aug 2002• 423 spam reports• 168 abuse reports
– Does not include reports made to automated mailboxes:
[email protected] [email protected] [email protected]@apnic.net
• 1361 pieces of spam to [email protected] and [email protected]
Responding to abuse reports
• Explain APNIC is not the source• Point the requestor to the APNIC network
abuse FAQhttp://www.apnic.net/info/faq/abuse/
• If contact details are incorrect, forward report to APNIC Hostmasters
• If requestor misunderstands APNIC’s role, explain the role of RIRs
• Continued reports lead to requestor being notified their emails will not be answered in future
Reasons people contact APNIC
• ARIN whois database– Not aware of other whois databases– Automated software points to ARIN
• Reverse DNS lookups– Many AP networks don’t register reverse
domains. • Only high level APNIC reverse domain
appears
Reasons people contact APNIC
• APNIC Whois Database– Misread search results
• Source and changed attributes– No response from tech-c, admin-c– Invalid network contacts
• Legacy AUNIC, ARIN records• Networks no longer APNIC members• Customer assignments not up to date
• Misunderstand the role of the RIRs– Believe RIRs provide connectivity
What can APNIC do?• Educate
– Standard replies – Abuse FAQ– Training– Public discussions
• Maintain the database– Integrity of contact details
• Promote role objects and email accounts– Enhanced Whois interface and help– Input for future Whois development
What can’t APNIC do?
• Police networks– No legal power to do this– No practical way to do this– Inappropriate behaviour for RIR
• RIRs are responsible for how networks manage their addresses
• RIRs are not responsible for behaviour of those networks
Directions for the future
APNIC proposal for streamlined abuse handling to be presented later in this BOF
Questions?