[anti-abuse-wg] {Disarmed} Re: Introducing the RIPE NCC Report Form
- Previous message (by thread): [anti-abuse-wg] {Disarmed} Re: Introducing the RIPE NCC Report Form
- Next message (by thread): [anti-abuse-wg] {Disarmed} Re: Introducing the RIPE NCC Report Form
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Florian Weimer
fw at deneb.enyo.de
Wed Apr 11 20:16:48 CEST 2012
* Suresh Ramasubramanian: > The same thing with ARIN or any other RIR whois .. if you find a UPS > store maildrop with a bunch of /20s mapped to it .. and each > successive /20 you find is entirely populated with "something bad" .. > then a full text search of the RIR's db for all netblocks registered > to that UPS store might be instructive. Instructive for what? As long as the responsible LIR is readily identifiable, I don't think RIPE NCC needs to get involved, at least from a network abuse perspective. Typically, the LIR is in a much better position to implement effective measures. Other LIRs may have concerns about misuse of address resources and encourage RIPE NCC to investigate things more aggressively from a resource usage perspective, but this is unrelated to actual network and abuse, and it is totally unclear whether we will experience address shortage in a significant way, ever. Admittedly, proper LIR identification is not a completely solved issue, mainly because the RIPE DB does not contain cross-references to official registers (where applicable; these are generally provided during LIR enrollment), the database does not contain the contracting LIR for provider-independent objects, and tools like the abuse mailbox finder do not implement LIR fallback even if the required information is present in the public database.
- Previous message (by thread): [anti-abuse-wg] {Disarmed} Re: Introducing the RIPE NCC Report Form
- Next message (by thread): [anti-abuse-wg] {Disarmed} Re: Introducing the RIPE NCC Report Form
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]