How can I obtain the abuse e-mail address for IPs from Japan?
Marc Gimeno
marc.gimeno at adamo.es
Wed Aug 23 15:26:54 UTC 2017
Maybe simple whois from debian machine. Then he looks to related Regional
Internet address Registry, in this case, APNIC. I mark it in *bold*.
hois 59.106.13.181
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '59.106.0.0 - 59.106.255.255'
% Abuse contact for '59.106.0.0 - 59.106.255.255' is 'hostmaster at nic.ad.jp'
inetnum: 59.106.0.0 - 59.106.255.255
netname: SAKURA
descr: SAKURA Internet Inc.
descr: Grandfront Osaka Bldg. Tower-A 35F, 4-20, Ofukacho,
Kita-ku, Osaka 530-0011 Japan
country: JP
admin-c: JNIC1-AP
tech-c: JNIC1-AP
status: ALLOCATED PORTABLE
*remarks: Email address for spam or abuse complaints :
support at sakura.ad.jp <support at sakura.ad.jp>*
mnt-by: MAINT-JPNIC
mnt-irt: IRT-JPNIC-JP
mnt-lower: MAINT-JPNIC
changed: hm-changed at apnic.net 20041013
changed: ip-apnic at nic.ad.jp 20070523
changed: hm-changed at apnic.net 20151202
changed: ip-apnic at nic.ad.jp 20170703
source: APNIC
irt: IRT-JPNIC-JP
address: Urbannet-Kanda Bldg 4F, 3-6-2 Uchi-Kanda
address: Chiyoda-ku, Tokyo 101-0047, Japan
e-mail: hostmaster at nic.ad.jp
abuse-mailbox: hostmaster at nic.ad.jp
admin-c: JNIC1-AP
tech-c: JNIC1-AP
auth: # Filtered
mnt-by: MAINT-JPNIC
changed: abuse at apnic.net 20101108
changed: hm-changed at apnic.net 20101111
changed: ip-apnic at nic.ad.jp 20140702
source: APNIC
*_____________________________*
*Marc Gimeno*
*NOC*
*_____________________________*
Adamo Telecom Iberia S.A.U.
www.adamo.es
On Wed, Aug 23, 2017 at 5:16 PM, Kurt Kraut <listas at kurtkraut.net> wrote:
> Hello Suresh,
>
>
> It doesn't seem to help a lot:
>
> ktk at ktk:~$ whois -h whois.nic.ad.jp 59.106.13.181
> [ JPNIC database provides information regarding IP address and ASN. Its use
> ]
> [ is restricted to network administration purposes. For further
> information, ]
> [ use 'whois -h whois.nic.ad.jp help'. To only display English output,
> ]
> [ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'.
> ]
>
> Network Information:
> a. [Network Number] 59.106.12.0-59.106.27.255
> b. [Network Name] SAKURA-NET
> g. [Organization] SAKURA Internet Inc.
> m. [Administrative Contact] KT749JP
> n. [Technical Contact] KW419JP
> p. [Nameserver] ns1.dns.ne.jp
> p. [Nameserver] ns2.dns.ne.jp
> [Assigned Date] 2004/11/24
> [Return Date]
> [Last Update] 2004/11/24 18:41:02(JST)
>
> Less Specific Info.
> ----------
> SAKURA Internet Inc.
> [Allocation]
> 59.106.0.0/16
>
> More Specific Info.
>
>
>
> No e-mail addresses of the abuse team or NOC or SOC.
>
>
> Best regards,
>
>
> Kurt Kraut
>
> 2017-08-23 11:55 GMT-03:00 Suresh Ramasubramanian <ops.lists at gmail.com>:
>
> > whois -h whois.nic.ad.jp IP /e
> >
> > --srs
> >
> > > On 23-Aug-2017, at 7:38 PM, Kurt Kraut <listas at kurtkraut.net> wrote:
> > >
> > > Hello,
> > >
> > >
> > > I'm having a hard time to figure out the abuse e-mail address for IPs
> > from
> > > Japan. Any query I perform at the WHOIS, for any IP, from any
> autonomoyus
> > > system I get the same e-mail addresses:
> > >
> > > abuse at apnic.net
> > > hm-changed at apnic.net
> > > ip-apnic at nic.ad.jp
> > > hostmaster at nic.ad.jp
> > >
> > > These e-mail addresses belong to JPNIC, not the autonomous system
> itself.
> > > So any messages sent to these e-mail addresses will not reach the
> > offending
> > > NOC/SOC so I can report vulnerabilities and DDoS attacks.
> > >
> > > What am I missing and how should I report security issues to autonomous
> > > systems from this region? Has anyone here any experience on this?
> > >
> > >
> > > Thanks in advance,
> > >
> > >
> > > Kurt Kraut
> >
>
More information about the NANOG
mailing list