Hello folks, Thank you for your assistance. I'm used to query AS entries for LACNIC region and their WHOIS spit out righ away all contacts. I didn't realise I had to make a secondary query for the Technical Contact ID to only then see the e-mail address. Best regards, Kurt Kraut 2017-08-23 12:52 GMT-03:00 Andrew Latham <lathama@gmail.com>:
Kurt
I see contact info for KW419JP maybe I don't understand what you are looking for.
On Wed, Aug 23, 2017 at 10:16 AM, Kurt Kraut <listas@kurtkraut.net> wrote:
Hello Suresh,
It doesn't seem to help a lot:
ktk@ktk:~$ whois -h whois.nic.ad.jp 59.106.13.181 [ JPNIC database provides information regarding IP address and ASN. Its use ] [ is restricted to network administration purposes. For further information, ] [ use 'whois -h whois.nic.ad.jp help'. To only display English output, ] [ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'. ]
Network Information: a. [Network Number] 59.106.12.0-59.106.27.255 b. [Network Name] SAKURA-NET g. [Organization] SAKURA Internet Inc. m. [Administrative Contact] KT749JP n. [Technical Contact] KW419JP p. [Nameserver] ns1.dns.ne.jp p. [Nameserver] ns2.dns.ne.jp [Assigned Date] 2004/11/24 [Return Date] [Last Update] 2004/11/24 18:41:02(JST)
Less Specific Info. ---------- SAKURA Internet Inc. [Allocation] 59.106.0.0/16
More Specific Info.
No e-mail addresses of the abuse team or NOC or SOC.
Best regards,
Kurt Kraut
2017-08-23 11:55 GMT-03:00 Suresh Ramasubramanian <ops.lists@gmail.com>:
whois -h whois.nic.ad.jp IP /e
--srs
On 23-Aug-2017, at 7:38 PM, Kurt Kraut <listas@kurtkraut.net> wrote:
Hello,
I'm having a hard time to figure out the abuse e-mail address for IPs from Japan. Any query I perform at the WHOIS, for any IP, from any autonomoyus system I get the same e-mail addresses:
abuse@apnic.net hm-changed@apnic.net ip-apnic@nic.ad.jp hostmaster@nic.ad.jp
These e-mail addresses belong to JPNIC, not the autonomous system itself. So any messages sent to these e-mail addresses will not reach the offending NOC/SOC so I can report vulnerabilities and DDoS attacks.
What am I missing and how should I report security issues to autonomous systems from this region? Has anyone here any experience on this?
Thanks in advance,
Kurt Kraut
-- - Andrew "lathama" Latham -