nanog mailing list archives
abuse reporting tools
From: Mike <mike-nanog () tiedyenetworks com>
Date: Tue, 18 Nov 2014 16:58:24 -0800
Hello, I provide broadband connectivity to mostly residential users. Over the past few years, instances of DDoS against the network - specfically targeting end users - has been on the rise, and today I can qualify many of these as simple acts of revenge where someone will engage a dos (possibly, services like 'booters' or similar) because they lost an online game or had some interactive in a forum they didn't like. I have good 'consumer broadband' filtering rules in place which make sense and protect against quite a lot of obviously ddos oriented traffic streams. The next step I want to engage, for those types of traffic which I can positively identify as not spoofed, is to send out abuse reports to owners of ip ranges used to launch these attacks. Ideally I'd like to be able to write up some form letter describing the attack, the source ip(s) of note, some disassembled sample packets, and then feed a list of IP source addresses and have it mail it out to the abuse contact at each source network. I am wondering if anyone has a pointer or reference to any tools which might help facillitate this? Thank you. Mike-
Current thread:
- abuse reporting tools Mike (Nov 18)
- Re: abuse reporting tools Michael Brown (Nov 18)
- Re: abuse reporting tools Robert Drake (Nov 18)
- Re: abuse reporting tools Jimmy Hess (Nov 21)
- RE: abuse reporting tools Drew Weaver (Nov 25)
- Re: abuse reporting tools Robert Drake (Nov 18)
- Re: abuse reporting tools Michael Brown (Nov 18)
- Re: abuse reporting tools Rafael Possamai (Nov 18)
- Re: abuse reporting tools Ken Chase (Nov 18)
- Re: abuse reporting tools John Kristoff (Nov 19)
- Re: abuse reporting tools Paul Bennett (Nov 19)
- Re: abuse reporting tools Paul Bennett (Nov 19)
- Re: abuse reporting tools Franck Martin (Nov 19)
- Re: abuse reporting tools Paul Bennett (Nov 19)