Re: Handling of Abuse Complaints

2016-08-30 Thread Alex Brooks
Hi, On 29 August 2016 at 16:55, Jason Lee wrote: > NANOG Community, > > I was curious how various players in this industry handle abuse complaints. > I'm drafting a policy for the service provider I'm working for about > handing of complaints registered against customer IP

Re: Handling of Abuse Complaints

2016-08-29 Thread Larry Sheldon
On 8/29/2016 11:47, Steve Atkins wrote: Unless your abuse / security desk is staffed by lawyers it's probably better to avoid words like "criminal" and "unlawfully" altogether and stick to "in violation of our ToS". Or "in violation of your contract (which includes, by reference, our TOS)

Re: Handling of Abuse Complaints

2016-08-29 Thread Mark Andrews
In message <3dc3fd61-5123-0070-dd4e-435ce6785...@satchell.net>, Stephen Satchell writes: > On 08/29/2016 08:55 AM, Jason Lee wrote: > > NANOG Community, > > > > I was curious how various players in this industry handle abuse complaints. > > I'm drafting a policy for the service provider I'm

Re: Handling of Abuse Complaints

2016-08-29 Thread Stephen Satchell
On 08/29/2016 08:55 AM, Jason Lee wrote: NANOG Community, I was curious how various players in this industry handle abuse complaints. I'm drafting a policy for the service provider I'm working for about handing of complaints registered against customer IP space. In this example I have a

Re: Handling of Abuse Complaints

2016-08-29 Thread William Herrin
On Mon, Aug 29, 2016 at 12:47 PM, Steve Atkins wrote: > Unless your abuse / security desk is staffed by > lawyers it's probably better to avoid words like > "criminal" and "unlawfully" altogether Not really an ambiguous situation IMHO, but whatever floats your boat. Bear in

Re: Handling of Abuse Complaints

2016-08-29 Thread Joe Maimon
There is a distance to travel between cant and cant effectively. Perhaps they can share how they ever so effectively have solved this conundrum. After all, they are apparently not getting any abuse reports ever. As an operator of several open resolvers (with rate limiting and automatic

Re: Handling of Abuse Complaints

2016-08-29 Thread Filip Hruska
Google, Level 3 and the like's open DNS resolvers are strictly rate-limited. They can't be used as DDOS amplifiers. On the other hand, there are tons of open resolvers on the internet without any sort of limiting. These are very effective amplifiers. Regards, Filip On 29.8.2016 19:04,

Re: Handling of Abuse Complaints

2016-08-29 Thread Lee Fuller
It's quite possible to operate an open resolver while still making it very difficult to use in an amplification attack - maybe coach your user into using rate limiting if you are particularly keen not to 'shape' their traffic at this stage. PowerDNS has a very powerful load balancer that can be

Re: Handling of Abuse Complaints

2016-08-29 Thread Laszlo Hanyecz
I know this is against the popular religion here but how is this abuse on the part of your customer? Google, Level3 and many others also run open resolvers, because they're useful services. This is why we can't have nice things. On 2016-08-29 15:55, Jason Lee wrote: NANOG Community, I was

Re: Handling of Abuse Complaints

2016-08-29 Thread Steve Atkins
dundant, unless these are otherwise law-abiding >> cyber criminals. >> >> /pedant >> >> -Original Message- >> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William Herrin >> Sent: Monday, August 29, 2016 9:28 AM >> To: Jason

RE: Handling of Abuse Complaints

2016-08-29 Thread Gareth Tupper
nanog@nanog.org Subject: Re: Handling of Abuse Complaints Dear Customer, Cyber criminals are using your network (and ours) to unlawfully attack other computers on the Internet. The specific security problem with your DNS server at 127.0.0.1 was first reported to you on Date1 (original

Re: Handling of Abuse Complaints

2016-08-29 Thread Paul Ferguson
> > /pedant > > -Original Message- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William Herrin > Sent: Monday, August 29, 2016 9:28 AM > To: Jason Lee <jason.m@gmail.com> > Cc: nanog@nanog.org > Subject: Re: Handling of Abuse Complaints

Re: Handling of Abuse Complaints

2016-08-29 Thread William Herrin
Dear Customer, Cyber criminals are using your network (and ours) to unlawfully attack other computers on the Internet. The specific security problem with your DNS server at 127.0.0.1 was first reported to you on Date1 (original message attached). Please be advised that we will interrupt network

Re: Handling of Abuse Complaints

2016-08-29 Thread Hugo Slabbert
On Mon 2016-Aug-29 10:55:27 -0500, Jason Lee wrote: NANOG Community, I was curious how various players in this industry handle abuse complaints. I'm drafting a policy for the service provider I'm working for about handing of complaints registered against customer IP

Handling of Abuse Complaints

2016-08-29 Thread Jason Lee
NANOG Community, I was curious how various players in this industry handle abuse complaints. I'm drafting a policy for the service provider I'm working for about handing of complaints registered against customer IP space. In this example I have a customer who is running an open resolver and have