Search RPD Archives
[AfriNIC-rpd] abuse contact information in whois database (AFPUB-2010-GEN-002)
SM
sm at resistor.net
Wed Jun 16 15:56:01 UTC 2010
Hi Tobias,
At 02:32 16-06-10, Tobias Knecht wrote:
>May: AfriNIC stats.
>
> 1.363 unique AS Numbers
> 340.583 unique IP Addresses
>2.564.952 all over hits on our reference system
>
>I can not exactly tell you how many whois requests that would have been,
>because we are caching and at the moment just using the direct allocated
>ranges for exactly these query issues.
If you are caching, it shouldn't be a problem. The numbers would
still be on the low side in terms of query rate.
>If there will be consensus on the object part there would even be a
>possibility of setting up some kind of RBLDNSD Service where you put in
>ip and get back abuse@ contact. Something like this
>http://abusix.org/service/abuse-contact-db-beta
As an end-user, I would probably re-purpose rbldnsd to do the job if
the data was available through bulk whois. The data could also be
"mined" on the fly but that requires more work.
>I fully agree on that. It really depends on how this would work.
>
>Think about it this way:
>Mandatory IRT Object for inet(6)num and asnum.
>Mandatory abuse-mailbox attribute in that IRT Object.
>
>whois -B 193.174.0.0/15 (all data - restricted queries)
>whois 193.174.0.0/15 (less data - restricted queries)
>whois -b 193.174.0.0/15 (only abuse mailbox attribute - unrestricted)
If you put unrestricted, people will read that literally. By the
way, FBLs are more effective as abuse mailboxes can be flooded by
messages from individual users reporting ping "attacks". :-) If I
recall correctly, there is a end-user application that can
automatically generate such reports.
Regards,
-sm
More information about the RPD
mailing list