[176201] in North American Network Operators' Group
Re: abuse reporting tools
daemon@ATHENA.MIT.EDU (Paul Bennett)
Wed Nov 19 12:33:07 2014
X-Original-To: nanog@nanog.org
In-Reply-To: <20141119111419.2877e52e@localhost>
Date: Wed, 19 Nov 2014 12:32:58 -0500
From: Paul Bennett <paul.w.bennett@gmail.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Wed, Nov 19, 2014 at 12:14 PM, John Kristoff <jtk@cymru.com> wrote:
> On Tue, 18 Nov 2014 16:58:24 -0800
> Mike <mike-nanog@tiedyenetworks.com> wrote:
>
>> I provide broadband connectivity to mostly residential users.
> I can point you to some tools and references I'm aware of, but I can't
> talk about how effectively they are operationally or whether or not you
> should abide by or use them.
Don't forget IETF RFC 5970 "IODEF" format as well. It provides a much
more comprehensive and flexible reporting format than either X-ARF or
RFC 5965 (both of which are really geared primarily towards single
badguy / single incident). With that power comes greater complexity,
though. I'll have to look at Net::Abuse::Utils since that's the first
I've ever heard of it and I don't know what it can do. If it can't
make IODEF, I'm a capable Perl programmer, so I can take a look, but
no promises.
--
Paul W Bennett
