<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">Am 22.06.22 um 22:39 schrieb Angel P:<br>
</div>
<blockquote type="cite"
cite="mid:CANGVWeNJzfLCX_aUKZRDbQVZtdskEFwrLHOzEYj44qCf+O7ATg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Hello there,
<div><br>
</div>
<div>I have reported to a registrar an IP that has been doing a
bunch of wordpress attacks one one of my sites and also using
a fake referrer by impersonating itself a <a
href="http://www.bing.com" moz-do-not-send="true">www.bing.com</a></div>
<div>What can be done?</div>
</div>
</blockquote>
<p>Basically nothing (but read on).</p>
<p>Registrars happily hide the identity of registrants but disclaim
any responsibility for their actions ("it's not us but our
customer, but we won't give you the customer's name").</p>
<p>Hosting companies, which would normally be the correct abuse
contact for those IPs, happily hide the identity of their
customers but disclaim any responsibility for their actions ("it's
not us but our customer, but we won't give you the customer's
name").</p>
<p>They may provide you with a way to contact their customer through
some forwarding mechanism, but when the customer is itself the
abuser, that would mean they expose your identity to the abuser
without exposing the abuser's identity to you. In real-life abuse
situations it has long be established that this is an absolute
no-no, but registry and hosting service providers get away with
it.</p>
<p>The attacks are probably too easy to defend against, so there's
no incentive for law enforcement to follow through with your
issue, which would otherwise be a way to subpoena the contact
information. However, even if they did that, the information would
likely be worthless, as abusers can register with fake ID easily.</p>
<p>What you *can* do is protect yourself and don't rely on other's
assistance. Block IP space if you experience abuse from there.
Install wordpress plugins to detect and reject attacks.</p>
<p>There are some ways to report abusive IPs to the public
(<a class="moz-txt-link-freetext" href="https://abuseipdb.com">https://abuseipdb.com</a> comes to mind, but there are others) but
these probably have little effect beyond documenting that a
problem is seen by more than one reporter.<br>
</p>
<p>Cheers,<br>
Hans-Martin</p>
<p>(I've responded to the mailing list although this isn't really an
abuse reporting help forum but to reinforce the POV that the
refusal to require accurate identity and contact information about
internet resource owners is a major reason that internet abuse is
so hard to fight).<br>
</p>
</body>
</html>