Jump to content

Finding network abuse contacts

From Meta, a Wikimedia project coordination wiki

This is a short guide to how to get hold of and use effective network abuse contacts.

  • Whois is a useful tool for finding abuse contacts. Sometimes Whois data is not up-to-date, or does not get to the right people within an organization. You may need to access another Whois database to pinpoint certain vandals and/or the IP range they have access to.
  • The Network Abuse Clearinghouse at http://www.abuse.net/index.phtml is then a very useful resource.

Most ISPs are surprisingly responsive if they feel their terms and conditions of business (which generally include an Acceptable Use Policy) are being breached. They don't want net abuse coming from their networks; it's a legal and technical problem they will be happy to be without. However, they also do not want to get rid of revenue-earning customers for no good reason, so you must expect to have to provide well-documented evidence of a pattern of abuse before they will act.

Occasionally, smaller organizations simply don't care about network abuse. Many smaller ISPs are not multi-homed, and simply resell one upstream provider's bandwidth. In that case, complaining to their upstream provider is often effective. You can use traceroute or routing registries to find upstream providers, and then use the procedure as before to complain.

Remember: to complain effectively, have all your facts on hand, be polite, be reasonable, be persistent.