Abuse Desks

sronan at ronan-online.com sronan at ronan-online.com
Wed Apr 29 15:25:19 UTC 2020


Perhaps some organization of Network Operators should come up with an objective standard of what constitutes “abuse” and a standard format for reporting it.

If only there was such an organization.

Sent from my iPhone

> On Apr 29, 2020, at 11:14 AM, Chris Adams <cma at cmadams.net> wrote:
> 
> Once upon a time, Mukund Sivaraman <muks at mukund.org> said:
>> If an abuse report is incorrect, then it is fair to complain.
> 
> The thing is: are 3 failed SSH logins from an IP legitimately "abuse"?
> 
> I've typoed IP/FQDN before and gotten an SSH response, and taken several
> tries before I realized my error.  Did I actually "abuse" someone's
> server?  I didn't get in, and it's hard to say that the server resources
> I used with a few failed tries were anything more than negligible.
> 
> I've had users tripped up by fail2ban because they were trying to access
> a server they don't use often and took several tries to get the password
> right or had the wrong SSH key.  Should that have triggered an abuse
> email?
> 
> -- 
> Chris Adams <cma at cmadams.net>



More information about the NANOG mailing list