On 27/07/2012 2:53 AM, Denis Walker wrote:
Dear Arnold
It seems there is some confusion over the wording used on the Abuse Finder web page. The input box is labelled "Resource key:". This is because, from a registration point of view, we see IP addresses and AS Numbers as "Internet resources". In the RIPE Database the primary "key" of an INET(6)NUM or AUT-NUM object is the IP address and the AS Number. Thank you, Denis for clearing up this 'mystery', but .... :-)
I had assumed as much and did try to look up IP addresses, just this morning again, after receiving this message. The SPAM e-mail's IP I tried was in the RIPE DB. This much I knew both according to the Whois record and because I was able to locate the appropriate abuse address from the RIPE DB Query URL. Using the Abuse look up URL got me no results at all, aside from a small notice identifying the service as the "RIPE Database abuse finder service ...." In total I must have tried that URL about 6 - 10 times, without ever getting any data, let alone useful abuse data. I don't know what is behind this front end, but since I can find what I need using the DB Query directly, there must be something wrong with the logic or implementation, since the data evidently exists in the DB. The only problem with my current method using the direct DB query, is that it is a lot more labor intensive, involving a fair bit of copying and pasting, as well as visually searching the search results for suitable data. Arnold PS: if you need some of the 'failing' IP addresses, I can send them to you off-list. -- Fight Spam - report it with wxSR http://www.columbinehoney.net/wxSR.shtml