adviCe on network security report

Sean Donelan sean at
Thu Nov 2 21:39:40 UTC 2006

On Thu, 2 Nov 2006, Dave Rand wrote:
> I did a study on this a few years ago.  I sent out about 20,000 abuse reports,
> all by hand, to various network around the world.  They all came from this
> email address, and were clearly identified as non-robotic, personal messages.
> There were "many" bounces.
> Less that 5% received any response.
> Less than 1% received any action within 30 days.

An excellent example of not listening to ISP abuse and security folks, and
what kind of results you get by not working with them.

I don't know why security complaint vendors haven't figured this out. The 
music industry complaint vendors were doing a much better of job of 
listening to ISPs security and abuse groups and trying to make things work 
as smoothly as possible for ISPs.  Its not anywhere near 100%, but they
make the effort to get their reports working within as many different 
ISP's systems as they can.  The financial industry is behind the music 
industry, but is also trying to work with ISPs.

I know every ISP is different. Some won't respond to anything. Others will 
do everything possible to figure out your complaint. But listening to the 
ones in the middle, and figuring out how to work with them will probably 
help improve things above 1%.

Because they take so much abuse as part of their normal job, even the 
most motivated abuse people don't go out of their way to have more 
people shout "You Suck" at them.  On the other hand, I suspect if they 
believe you can make their jobs easier and not shout at them, they can be
very gregarious about what they need.

More information about the NANOG mailing list