nanog mailing list archives

Re: Handling of Abuse Complaints

From: Joe Maimon <jmaimon () ttec com>
Date: Mon, 29 Aug 2016 13:46:25 -0400

There is a distance to travel between cant and cant effectively.

Perhaps they can share how they ever so effectively have solved thisconundrum. After all, they are apparently not getting any abuse reportsever. As an operator of several open resolvers (with rate limiting andautomatic mitigation in effect) to support my customer base until thenetwork landscape supports alternative approaches, I would like to knowhow they accomplished that little trick.


Filip Hruska wrote:

Google, Level 3 and the like's open DNS resolvers are strictly
rate-limited. They can't be used as DDOS amplifiers.

On the other hand, there are tons of open resolvers on the internet
without any sort of limiting. These are very effective amplifiers.

Regards,
Filip

On 29.8.2016 19:04, Laszlo Hanyecz wrote:

I know this is against the popular religion here but how is this abuse
on the part of your customer?  Google, Level3 and many others also run
open resolvers, because they're useful services. This is why we can't
have nice things.


On 2016-08-29 15:55, Jason Lee wrote:

NANOG Community,

I was curious how various players in this industry handle abuse
complaints.
I'm drafting a policy for the service provider I'm working for about
handing of complaints registered against customer IP space. In this
example
I have a customer who is running an open resolver and have received a
few
complaints now regarding it being used as part of a DDoS attack.

My initial response was to inform the customer and ask them to fix it.
Now
that its still ongoing over a month later, I'd like to take action to
remediate the issue myself with ACLs but our customer facing team is
pushing back and without an idea of what the industry best practice is,
management isn't sure which way to go.

I'm hoping to get an idea of how others handle these cases so I can
develop
our formal policy on this and have management sign off and be able to
take
quicker action in the future.

Thanks,

Jason

Current thread:

Re: Handling of Abuse Complaints, (continued)
- Re: Handling of Abuse Complaints Hugo Slabbert (Aug 29)
- Re: Handling of Abuse Complaints William Herrin (Aug 29)
  - RE: Handling of Abuse Complaints Gareth Tupper (Aug 29)
    - Re: Handling of Abuse Complaints Paul Ferguson (Aug 29)
    - Re: Handling of Abuse Complaints Steve Atkins (Aug 29)
    - Re: Handling of Abuse Complaints William Herrin (Aug 29)
    - Re: Handling of Abuse Complaints Larry Sheldon (Aug 29)
- Re: Handling of Abuse Complaints Laszlo Hanyecz (Aug 29)
  - Re: Handling of Abuse Complaints Lee Fuller (Aug 29)
  - Re: Handling of Abuse Complaints Filip Hruska (Aug 29)
    - Re: Handling of Abuse Complaints Joe Maimon (Aug 29)
- Re: Handling of Abuse Complaints Stephen Satchell (Aug 29)
  - Re: Handling of Abuse Complaints Mark Andrews (Aug 29)
- Re: Handling of Abuse Complaints Alex Brooks (Aug 30)