A week in the life of (IRT address)

Slides:

Advertisements

Similar presentations

© 2004 APCERT APCERT Activity Update Yurie Ito JPCERT/CC (On behalf of the APCERT Secretariat)

Advertisements

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Work Plan 2000 APNIC Annual Member Meeting Seoul, 3 March 2000.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Network Abuse: The APNIC perspective Network Abuse BOF APNIC 12 th Open Policy Meeting.

Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.

APNIC Update AfriNIC November 2010 Johannesburg, South Africa George Kuo Member Services Manager, APNIC.

1 APNIC Status Report RIPE 50 Stockholm, Sweden. 2 Selected activities – Services IPv4 Allocations – accelerating –Single /8 allocation in Japan IPv6.

Handling Internet Network Abuse Reports at APNIC 21 October 2010 LAP-CNSA Workshop, Melbourne George Kuo.

Joint efforts in incident response in AP region and future work with RIR Suguru Yamaguchi JPCERT/CC.

Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.

Proposal of Policy for Mirroring on IRR 2003/08/21 APNIC Junichi Matsumoto Japan Telecom Co., Ltd. JPNIC IRR-Planning Team.

Copyright (c) 2005 Japan Network Information Center JPNIC IPv6 registry service experience Toshiyuki Hosaka Japan Network Information Center (JPNIC) September.

1 Korea status and future plan on spam & hacking complaints August 30, 2001 Yong Wan Ju Korea Network Information Center.

APNIC Last /8 Policy Implementation Report Sanjaya Services Area Director.

Policy Documentation Adam Gosling APNIC 38 Policy SIG Meeting 18 September 2014.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.

Network Abuse Handling in CNNIC and JPNIC Terence Zhang, CNNIC Izumi Okutani, JPNIC.

APNIC Update AfriNIC June 2011 Sanjaya Services Director, APNIC 1.

Copyright © 2008 Japan Network Information Center JPNIC's review of IPv4 address transfer  Izumi Okutani  Japan Network Information.

What is WHOIS?. 2  Internet Protocol you can use to search registry and registrar databases and discover who registered a domain name or IP address 

APNIC Update ARIN XXVI 8 October 2010 Geoff Huston Chief Scientist, APNIC.

APNIC Update AfriNIC 12 May 2010 Sanjaya Services Director, APNIC.

1 APNIC Update RIPE 54 Tallinn, Estonia May 2007.

1 APNIC Status Report SANOG VI July 2005, Thimpu, Bangladesh Kapil Chawla, APNIC.

APNIC Annual Members’ Meeting Singapore, 6 March 1999 APNIC - Annual Report.

Consultation on Policy Documentation Adam Gosling APNIC 40 Policy SIG 10 September 2015.

Network Abuse Update Frank Salanitri Project & Systems Services Manager, APNIC.

APNIC Update 15 th TWNIC OPM 2 December 2010 Taipei, Taiwan George Kuo Member Services Manager, APNIC.

What is WHOIS?. 2  Internet Protocol you can use to search registry and registrar databases and discover who registered a domain name or IP address 

APNIC Activity Highlights NZNOG’11 28 January 2011 Elly Tawhai Senior Internet Resource Analyst/Liaison Officer, Pacific, APNIC 1.

Inaccuracy of IRT-Objects Aftab A. Siddiqui Cyber Internet Services (Pvt) Ltd/ IPv6 Task Force Pakistan/ NRO NC/ASO AC.

APNIC Security Update APSIRCC 2002 Tokyo, 25 March 2002.

Izumi Okutani JPNIC IP Department NIR Meeting Feb 2004 JPNIC Open Policy Meeting Update.

IP Addressing and ICT Development in the Pacific Islands Anne Lord and Save Vocea, APNIC ICT Workshop, Fiji, November, 2002.

Update of WHOIS Data Privacy in JP Izumi Okutani Japan Network Information Center (JPNIC) DB SIG APNIC Indonesia.

1 APNIC Update LACNIC X Isla Margarita, Venezuela 25 May 2007.

IEPG November 1999 APNIC Status Report. Membership Resource Status Recent Developments Future Plans Questions?

A week in the life of (IRT address) Frank Salanitri Project & Systems Services Manager, APNIC.

APNIC Feb., 2004 Copyright (c) 2004 Japan Network Information Center. All Rights Reserved.1 NIR System BoF report for NIR SIG Shin Yamasaki Engineering.

APNIC abuse procedures Network abuse BOF. Types of abuse reported Spam Hacking Viruses Identity/credit card fraud Threats and stalking.

APNIC Update RIPE November 2010 Rome, Italy Geoff Huston Chief Scientist, APNIC.

JPNIC UPDATE ~ Personal Data Protection in JPNIC WHOIS ~ Toshiyuki Hosaka Japan Network Information Center (JPNIC) September 7 th, 2005 NIR SIG APNIC

1 Command Center Management (CCM) Training. 2 Objective  To understand the following: – IT Manager Role – Exam Day Process – iAEC Solution – iARC – Post.

Proposed APNIC protocol for handling of abuse complaints Network abuse BOF Gerard Ross, APNIC.

1 Welcome to the Policy SIG Policy SIG 1 March 2007 APNIC 23, Bali, Indonesia Kenny Huang.

Network Abuse Bof Tuesday 15 th September 5:30pm – 7:00pm Lincoln Room.

1 [prop-037] Proposal to deprecate updates for APNIC registry and whois data Policy SIG 7 Sep 2006 APNIC 22, Kaohsiung, Taiwan Terry Manderson.

I-NAMES Corporation Database Privacy Policy Database Policy SIG, APNIC Meeting at Taipei, Taiwan Lee, Seung-Min.

1 Welcome to the Policy SIG 6 Sep 2006 APNIC 22, Kaohsiung, Taiwan.

APNIC member survey 2007 Paul Wilson Director General.

Whois Update Guangliang Pan. Overview Differences between APNIC and RIPE Whois Databases Change mnt-by from member’s maintainer to APNIC-HM for aut-num.

September, 2003 Bill Woodcock Packet Clearing House

APNIC Update and future planned initiatives

Implementation of ARIN's Lame DNS Delegation Policy

IEPG Minneapolis, March 1999

Whois Data Privacy Issues in Japan

APNIC Report LACNIC VIII Lima, Perú.

ARIN XXVIII 13 October 2011 Philadelphia Geoff Huston, APNIC

Research & Liaison Officer (Pacific)

Enhanced participation in sharing and learning international experiences

/48 assignment status report

APNIC 29 Policy SIG report

NIR SIG, 18th APNIC Meeting

Enhanced participation in sharing and learning international experiences

Sanjaya, Project Manager, APNIC Secretariat

A Proposal to Protect Historical Records in APNIC Whois Database

Privacy of Customer Assignment Records

Kuniaki Kondo IRR Workshop Chair, JPNIC IIJ

Status Report on Policy Implementation at the APNIC Secretariat

IPv6 Policy Update ~ APNIC community ~

Presentation transcript:

A week in the life of security@apnic.net (IRT email address) Frank Salanitri Project & Systems Services Manager, APNIC ＊和訳：JPNIC　奥谷泉

What is APNIC role in preventing network abuse? As a registry, APNIC adopts and applies policies for it’s community which address network abuse. APNIC does not have the capacity to investigate abuse complaints or the legal powers to regulate Internet activity. APNIC seeks to raise awareness of the need for responsible network management in the Asia Pacific, through training and communication. Laws relating to network abuse vary around the world. 2 2

IRT Object Reporting of network abuse can be directed to specialized teams such as Incident Response Teams (IRTs) Implemented in AP region by policy Prop-079 in November 2010. Mandatory for inetnum, inet6num and aut-num objects created and updated in whois database. JAPAN has approximately 7200 inetnum objects. 4000 with missing IRT maintainer. Almost 79% of complaints are spam related. 3 3

No. of complaints to security@apnic.net 14th – 20th March 2011

Distribution of Complaints for the week Almost 79% of complaints are spam related. 5 5

Distribution of email type complains by economy Almost 25% from VN and 17% from India & Korea. China is only 14%. 6 6

Distribution of Non-email type complains by economy Most attacks & port scans come from Chin and Taiwan. However unlike spam only 3.5% of attacks came from Vietnam. 7 7

70 Complaints Week 3 March - JAPAN 8

376 Complaints March - Japan Total 376 9

In Conclusion The top abuse type complaints received for JP are Spams(75%) and Attacks(20%) IRT objects are registered in APNIC Whois to reach the appropriate people for abuse complaints We understand there are issues with POCs in handling these complaints: POCs are always not uptodate/reachable POCs receive a large amout of spams We require a mechanism in place to help resolve these complaints Up to date information about abuse contacts in WHOIS is essential APNIC would like to discuss any issues for registering or disclosing abuse contacts with the community

What can you do? We need your co-operation to maintain correct contacts in WHOIS Please review your contacts in Whois - email/phone. Report incorrect contacts in APNIC WHOIS to helpdesk@apnic.net　 Give us your feedback about effectiveness of IRT objects, or if any problems/suggested solutions in abuse handling APNIC secretariat : “helpdesk@apnic.net” You can make policy proposals to improve IRT and POCs in Whois if you feel there is a need for change.

Thank you Abuse BoF@APNIC33 Join us in APNIC33@New Delhi, India 28 Feb 2012 http://meetings.apnic.net/33/program/bof Thank you