Skip to main content

Anti-Abuse Working Group Minutes RIPE 87

Wednesday 29 November, 11:00 - 12:30
Chairs: Brian Nisbet, Tobias Knecht, Markus de Brün
Scribe: Chafic Chaya
Status: Final

The recordings and presentations are available at:
https://ripe87.ripe.net/programme/meeting-plan/aa-wg/

The stenography transcript is available at:
https://ripe87.ripe.net/archives/steno/29/

A. Administrative Matters

Brian opened the session by welcoming everyone, thanking the supporters, mentioning the CoC and going through some administrative staff. The Working Group (WG) minutes from RIPE 86 were approved, and the agenda was finalised.

B. Updates

B.2 From Awareness to Action - Empowering Change Through Anti-Abuse Training

Gerardo Viviers, RIPE NCC

The presentation is available at:
https://ripe87.ripe.net/wp-content/uploads/presentations/5-RIPE-87-AA-WG-presentation-GAViviers.pdf

Gerardo discussed the current solution of using webinars for anti-abuse and suggested a shift towards e-learning for its benefits of self-paced learning, scalability, and consistent training. He highlighted the challenges of delivering live webinars and the benefits of e-learning in sustaining momentum and complementing live training.

Brian thanked Gerardo, the RIPE NCC, and there was consent on the direction going forward with e-learning alongside the webinar.

B.3 Discussion and Work Item Creation

Tobias Knecht, co-chair, started by discussing the need for increased community engagement in the WG, particularly in addressing issues related to abuse networks. He noted that recent discussions have highlighted a lack of response to emails sent to abuse networks and have opened up further discussions on topics like Abuse email address verification and ASN Cleanup.

Tobias acknowledged Marco's upcoming presentation, which provided an overview of the work already done in these areas, helping to establish a foundation for future discussions and actions.

  • Abuse Email Address Verification
  • ASN Cleanup
  • Abuse Email Ignored

The presentation is available at:
https://ripe87.ripe.net/wp-content/uploads/presentations/72-RIPE87-AAWG-final.key

The presentation details the RIPE NCC's efforts in two areas: Abuse-c Validation and ASN Cleanup. Abuse-c Validation involved verifying contact details for abuse handling, with annual checks yielding a small failure rate, followed by steps to correct invalid contacts.

The ASN Cleanup project targeted unused Autonomous System Numbers, contacting ASN holders for confirmation, resulting in over half of the contacted ASNs being returned. This work ensured accurate and active use of RIPE NCC resources.

Tobias urged the community to share their thoughts on what constitutes abusive behaviour and how the WG should tackle it. He mentioned that while some discussions occur on mailing lists, many also happen in meetings. The goal is to gather all this information, assess the current status quo, and then engage in conversations to steer various topics in the right direction. This could lead to policy proposals or other actions.

Brian pointed out that the responsibility of addressing these issues does not solely lie with the RIPE NCC or any individual but with the entire community as members of the WG. He stresseed the importance of community members expressing their concerns and ideas, as this is crucial for change. Brian encourages everyone to share their thoughts on whether these issues are problematic and to suggest improvements. He warned that without community input, there will be no change, and policies that might not be favourable could emerge. Brian emphasised this as an opportunity for everyone to contribute, highlighting the importance of community involvement in shaping policies and addressing issues within the working group.

Alejandro Fernandez Cernuda from Global Cyber Alliance added a note about NIS 2 and whether there is an incentive for action.

Tobias commented that this was a good question what the community feels about it.

Brian and Tobias addressed the implications of the upcoming NIS 2 regulations by the EU and the role of the community in shaping responses to these regulations. They reminded everyone of the community's ability to influence and create policies, citing the example of Abuse-c policy and encouraged the community to focus not only on policy but also on other aspects like training and guides on abuse.

Looking forward to the next RIPE meeting, Brain mentioned that by then, NIS 2 would be legislated, and the community would need to understand its implications and identify areas for potential action.

There were no comments or questions.

E. Presentations

E.1 Global Abuse Reporting

Tobias, speaking as a founder of Abuseix, discussesdthe concept of global reporting in the context of Internet abuse and the importance of abuse teams in handling such issues. He emphasised that many companies, including ISPs and hosting providers, encounter a variety of abusive behaviours, such as spam emails and dictionary attacks, which can reveal compromised machines and networks. He encouraged companies to share relevant data with abuse teams, offering Abuseix's services to facilitate this process. The presentation is a call to action for greater collaboration and data sharing to combat internet abuse more effectively.

X. A.O.B.

Niall O’Reilly, RIPE Chair Team, raised a concern about the collateral damage caused by the current abuse management ecosystem, particularly to those at a disadvantage in power imbalances. He questioned whether the WG could address issues where security measures, justified on the basis of protection, end up harming innocent parties.

Brain responded positively, encouraging Niall to provide more details for a clearer understanding of the issue.

Michele Nylon from Black Knights in Ireland echoed the need for specificity, noting that while the issue Niall mentions is of interest, it was presented vaguely. Michele suggested that articulating the problem more clearly on the list with specific examples would be beneficial. He acknowledged that while companies have the right to protect their networks, there are instances of collateral damage that are challenging to address.

Niall agreed with the suggestions and considered following up on the mailing list for more clarity and assistance on the issue, recognising the complexity and the need for a detailed approach to resolve it potentially.

Z. Agenda for RIPE 88

Brian reminded everyone about the upcoming RIPE 88 meeting in Poland and expressed his gratitude to everyone before concluding the session.