abuse reporting tools
michael at supermathie.net
Wed Nov 19 01:11:13 UTC 2014
We need to come up with some sort of international Abuse Reduction and Reporting Engagement Suite of Tools as a Service.
Sent: Tuesday, November 18, 2014 19:59
To: nanog at nanog.org
Subject: abuse reporting tools
I provide broadband connectivity to mostly residential users. Over the
past few years, instances of DDoS against the network - specfically
targeting end users - has been on the rise, and today I can qualify many
of these as simple acts of revenge where someone will engage a dos
(possibly, services like 'booters' or similar) because they lost an
online game or had some interactive in a forum they didn't like. I have
good 'consumer broadband' filtering rules in place which make sense and
protect against quite a lot of obviously ddos oriented traffic streams.
The next step I want to engage, for those types of traffic which I can
positively identify as not spoofed, is to send out abuse reports to
owners of ip ranges used to launch these attacks. Ideally I'd like to be
able to write up some form letter describing the attack, the source
ip(s) of note, some disassembled sample packets, and then feed a list of
IP source addresses and have it mail it out to the abuse contact at each
source network. I am wondering if anyone has a pointer or reference to
any tools which might help facillitate this?
More information about the NANOG