[ppml] Proposal: make Abuse Handle *REQUIRED* for AS Registration

Lawrence Baldwin baldwinL at mynetwatchman.com
Thu Jul 24 06:49:32 EDT 2003


As some here may know I run the myNetWatchman system and spend much of my
time identifying host on the Internet that have been compromised or are
being used for nefarious purposes.  One would assume that the detection of
such issues is the complicated part of this process.  In reality, detection
is almost trivial, but the process of figuring out who to notify ends up
being far more difficult because backtracing information (e.g. IP Whois) is
extremely unreliable and quickly out of date, or doesn't explictly provide
abuse handle info.

I was very surprised that specifying an Abuse Handle is optional...even for
new registration requests:

[from AS Registration template]
##################### CONTACT SECTION (Optional) #####################
        ## The person or role in this section serves as a supplemental
        ## contact to the organization POC(s).  To specify multiple
        ## contacts, duplicate lines 9 and 10.
10. POC Type:
        ## Specify T for Technical, AB for Abuse, or N for Network
        ## Operations Center.
11. POC Handle:
        ## Provide a registered ARIN POC handle.


Why shouldn't we make Abuse handles REQUIRED for new IP Registrations?

Ok, at a bare minimum, why not at least make them required for new AS
Registrations?


Also, why not provide info in the template (or help guides) to encourage
compliance with:
http://www.ietf.org/rfc/rfc2142.txt


If every AS and IP Whois record had an abuse@ or security@ mailbox the
Internet would be a MUCH safer place.


Regards,

Lawrence Baldwin
Chief Forensics Officer
myNetWatchman.com
Atlanta, GA
+1.678.624.0924




More information about the ARIN-PPML mailing list