This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] What todo when a registrar doe snot respond to babuse form an IP
- Previous message (by thread): [anti-abuse-wg] What todo when a registrar doe snot respond to babuse form an IP
- Next message (by thread): [anti-abuse-wg] What todo when a registrar doe snot respond to babuse form an IP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hans-Martin Mosner
hmm at heeg.de
Thu Jun 23 08:00:12 CEST 2022
Am 22.06.22 um 22:39 schrieb Angel P: > Hello there, > > I have reported to a registrar an IP that has been doing a bunch of wordpress attacks one one of my sites and also > using a fake referrer by impersonating itself a www.bing.com <http://www.bing.com> > What can be done? Basically nothing (but read on). Registrars happily hide the identity of registrants but disclaim any responsibility for their actions ("it's not us but our customer, but we won't give you the customer's name"). Hosting companies, which would normally be the correct abuse contact for those IPs, happily hide the identity of their customers but disclaim any responsibility for their actions ("it's not us but our customer, but we won't give you the customer's name"). They may provide you with a way to contact their customer through some forwarding mechanism, but when the customer is itself the abuser, that would mean they expose your identity to the abuser without exposing the abuser's identity to you. In real-life abuse situations it has long be established that this is an absolute no-no, but registry and hosting service providers get away with it. The attacks are probably too easy to defend against, so there's no incentive for law enforcement to follow through with your issue, which would otherwise be a way to subpoena the contact information. However, even if they did that, the information would likely be worthless, as abusers can register with fake ID easily. What you *can* do is protect yourself and don't rely on other's assistance. Block IP space if you experience abuse from there. Install wordpress plugins to detect and reject attacks. There are some ways to report abusive IPs to the public (https://abuseipdb.com comes to mind, but there are others) but these probably have little effect beyond documenting that a problem is seen by more than one reporter. Cheers, Hans-Martin (I've responded to the mailing list although this isn't really an abuse reporting help forum but to reinforce the POV that the refusal to require accurate identity and contact information about internet resource owners is a major reason that internet abuse is so hard to fight). -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/anti-abuse-wg/attachments/20220623/32736ceb/attachment.html>
- Previous message (by thread): [anti-abuse-wg] What todo when a registrar doe snot respond to babuse form an IP
- Next message (by thread): [anti-abuse-wg] What todo when a registrar doe snot respond to babuse form an IP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]