North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DNS Hijacking by Cox

  • From: Brandon Galbraith
  • Date: Tue Jul 24 19:44:45 2007
  • Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=ZGY3wxldb95uyqiVh6vcZUtPISqcNWvg/kLkUi6YrsTnr51tGb2NGpRga2Lf1ufJSaXQVi+bGbaXS9Dy3XOui42IN3LmyqPTXptbqbhDwpy8ouwAymxvybeQhA3iwzPLN36mbwAzz94tSJvC+OBVhbUSYrdc98ncECKqtMVETTs=
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=OtNQx8vmufZCBBRqLS4/0QiSAlgnqj45p4kjBmYWymAxCi3u8xrkvOxNAcHZKTh9qeKi5TbvBrucI0+hyxJOq7a2ENBAYmuFL0FbMyVayM2aXL2A3GymcZHPG7igum5YUaETnWlP4TvxtW3DYfkjfMUxuCueaMMa2w0M9LvhVms=


On 7/24/07, Chris L. Morrow <[email protected]> wrote:



On Tue, 24 Jul 2007, Mattias Ahnberg wrote:

> But it certainly would not hurt if there was a good way to report
> drones to ISPs and actually get some attention to the problem. A
> bunch of small streams quickly build up to a larger river in the
> end, I guess.

I'd point at the IETF/INCH-WG work for a standard [email protected] reporting
process/format... If you send hundreds or thousands of reports to an ISP
abusedesk (or ISPs' abusedesks) a standard machine parsable format is a
key ingredient.

I think that atleast one ISP would love to see standards formatted reports
about it's users ([email protected]), provided that the appropriate information
was included.

I think at that point, machine-readable formats should be passed up for some sort of abuse API interchange, where all involved parties can pull status information in real-time. You also have the benefit of automated systems having the ability to integrate into the system.