Suggestion: Add contact entry to whois
We already have Admin, Tech, and Billing. Would it be possible to consider the addition of an Abuse contact in whois? Owen
Owen DeLong wrote:
We already have Admin, Tech, and Billing. Would it be possible to consider the addition of an Abuse contact in whois?
The existing contacts serve that function. If someone at some place is smurfing you, you don't want to talk to some secretary who is going to stick a post-it on some manager's door about it. You want the NOC and you want the person in the NOC who can initiate immediate investigation and correct the problem. Well, at least I do. Define "abuse". It comes in a lot of categories, anyway. Which category do you think an abuse contact should be getting them for? Smurf? Flood? Spam? Bad BGP? Hacking? -- -- *-----------------------------* Phil Howard KA9WGN * -- -- | Inturnet, Inc. | Director of Internet Services | -- -- | Business Internet Solutions | eng at intur.net | -- -- *-----------------------------* phil at intur.net * --
Hello All, On Fri, 26 Feb 1999, Phil Howard wrote:
Owen DeLong wrote:
We already have Admin, Tech, and Billing. Would it be possible to consider the addition of an Abuse contact in whois? Not actually a bad idea for (mail abuse) , But then the Tech Contact s/b able to remedy the condition by forwarding the info to postmaster , You have that defined for your domain don't you ?
The existing contacts serve that function. If someone at some place is I disagree with this entirely , in the last few years we have had a inundation of domain requests mostly from very non-technical individuals .
The Administrator, isn't needed to be Technically Competent. The Technical Contact, -IS- , But in some cases isn't . The Billing Contact, isn't needed to be Technically Competent. And on top of this we have people whom have entered registrations that all of the above are to the same clueless individual . I would like to see an entry that can -ONLY- be entered by a -KNOWN- Technical Contact Associated with particular Name Server(s) .
smurfing you, you don't want to talk to some secretary who is going to stick a post-it on some manager's door about it. You want the NOC and you want the person in the NOC who can initiate immediate investigation and correct the problem. Well, at least I do. How about a NOC entry ? , But then again Technical Contact s/b able to forward to NOC@ ....
Define "abuse". It comes in a lot of categories, anyway. Which category do you think an abuse contact should be getting them for? Smurf? Flood? Spam? Bad BGP? Hacking? Yes I agree , original poster Please define .
At 10:29 2/26/99 -0800, Network Operations Center wrote:
We already have Admin, Tech, and Billing. Would it be possible to consider the addition of an Abuse contact in whois? Not actually a bad idea for (mail abuse) , But then the Tech Contact s/b able to remedy the condition by forwarding the info to postmaster , You have that defined for your domain don't you ?
By definition in the RFC's (remember those?) all email-related problems should go to the postmaster. Some ISPs have set up an abuse address specifically to handle spam problems; retaining the postmaster for more traditional problems. Unfortunately, we frequently find domains with a disabled or /dev/null-ed postermaster address. Adding an abuse address would accomplish nothing. If they don't have a working postmaster, it's not real likely they'd have a working abuse address either. "Small minds can only contemplate small ideas".....Unknown Dean Robb Owner, PC-EASY (757) 495-EASY [3279] On-site computer repair, upgrades and consultations Read my game reviews/columns in SimOps on WWW.TheGamers.Net
On 26 Feb 99, at 11:39, Phil Howard wrote:
The existing contacts serve that function. If someone at some place is smurfing you, you don't want to talk to some secretary who is going to stick a post-it on some manager's door about it. You want the NOC and you want the person in the NOC who can initiate immediate investigation and correct the problem. Well, at least I do.
As stated in Internic's guidelines on the domain template, the technical contact is "generally...the person or organization who maintains the domain name Registrant's primary name server, resolver software, and database files" The DNS administrator would not automatically be the person who wants to get all the spam, network abuse, and security incident reports. I think the Abuse contact is a good idea. Mark Borchers Network Engineering Dept. Network Two Communications Group "I gotta go now, yeah, I'm running out of change. There's a lot of things, if I could I'd rearrange." --U2/Achtung Baby
At 13:36 2/26/99 -0500, Mark Borchers wrote:
The DNS administrator would not automatically be the person who wants to get all the spam, network abuse, and security incident reports. I think the Abuse contact is a good idea.
A resource that might help is abuse.net. They'll auto-forward an abuse problem to the correct address for a large number of ISPs. "Small minds can only contemplate small ideas".....Unknown Dean Robb Owner, PC-EASY (757) 495-EASY [3279] On-site computer repair, upgrades and consultations Read my game reviews/columns in SimOps on WWW.TheGamers.Net
On Fri, Feb 26, 1999 at 11:39:56AM -0600, Phil Howard wrote:
Define "abuse". It comes in a lot of categories, anyway. Which category do you think an abuse contact should be getting them for? Smurf? Flood? Spam? Bad BGP? Hacking?
All of the above, except BGP issues. And the abuse/security desks at many providers are NOT the same people who handle day-to-day tech support; I'd like to have easy access to the phone numbers and e-mail addresses of both the network support people and the abuse people. -- Steve Sobol sjsobol@nacs.net (AKA support@nacs.net and abuse@nacs.net) "The world is headed for mutiny/When all we want is unity" --Creed, "One"
On Fri, Feb 26, 1999 at 08:55:12AM -0800, Owen DeLong wrote:
We already have Admin, Tech, and Billing. Would it be possible to consider the addition of an Abuse contact in whois?
Great idea! But you'd probably want to ask the individual domain registries. AFAIK they are responsible for determining which information they record. -- Steve Sobol sjsobol@nacs.net (AKA support@nacs.net and abuse@nacs.net) "The world is headed for mutiny/When all we want is unity" --Creed, "One"
Owen DeLong has declared that:
We already have Admin, Tech, and Billing. Would it be possible to consider the addition of an Abuse contact in whois?
I think that's an excellent idea - a couple added lines to the whois should not be a major redo - perhaps for exiting domains, initially have them default to the tech contact data until the domain owners get an opportunity to provide the added info. In terms of the larger number of issues we see these days, the contact info from whois tends to be woefully inadequate (and often out-of-date) at times. Equally important for the netblock entries in the ARIN whois database, too - is the listed coordinator really going get you to the right party quickly if one has a BGP issue that needs addressing in a timely manner for instance, or is it more often some party who does not understand/is unable to deal with the issue, with the actual working admin many hours away in the pecking order at the organization? For our org, the email goes directly to one who can take action immediately, but I suspect that for many organizations it is not. The added contact info I suspect would be quite a timesaver once in place. Pat M
Owen
-- #include <std.disclaimer> Pat Myrto (pat at rwing dot ORG) Seattle WA What the Second Amendment right to keep and bear arms really is: Our Freedom Insurance. Don't let the Statists or 'Those Who Know Best' elitists succeed in continuing attempts at diluting or nullifying it with claims that 'people' really means 'state', or that "You don't need it".
On Fri, 26 Feb 1999, Owen DeLong wrote:
Date: Fri, 26 Feb 1999 08:55:12 -0800 From: Owen DeLong <owen@dixon.DeLong.SJ.CA.US> To: hostmaster@internic.net Cc: nanog@nanog.org Subject: Suggestion: Add contact entry to whois
We already have Admin, Tech, and Billing. Would it be possible to consider the addition of an Abuse contact in whois?
It's a decent-enough idea... but, really, the "tech" contact should be a good start... or, hell, take a guess at the web page for the company, maybe do some surfing and try to determine if the company in-question really has better contact info there for you -- many already do. Then again, WHAT do you mean by "abuse?" Chances are, for a large enough company, I'm probably going to be contacting some sort of helpdesk for pretty much anything whereas others might differentiate between security related attacks, simple spam, or other networking problems... Also, why put the burden on NetSol to maintain this sort of data for everyone? I mean, they STILL have to get each domain to give them that info at some point (what's to actually persuade someone to do it or, for that matter, make it any more "valid" than any other info that's already out there? (eg. how many clueless "tech" contacts are already out there when, by definition, these people are <supposed> to be technically competent?)) IMO, the burden for this really should lie on the domain registrant and owner. Perhaps an "abuse" address should be just as ubiquitous as the accepted "postmaster" address (though still not everyone enforces that or even reads mail to their postmaster accounts). Don't get me wrong... I think this is a problem that needs to be somehow addressed, but I don't necessarily think "whois" is the place for it. Regards, Russell -- Russell M. Van Tassell russell@cscorp.com
participants (8)
-
Dean Robb -
Mark Borchers -
Network Operations Center -
owen@dixon.DeLong.SJ.CA.US -
Pat Myrto -
Phil Howard -
Russell Van Tassell -
Steven J. Sobol