Dear all, which is the status of IRT object? Is the trial implementation available? This example shows again the need for a specific object. If someone uses whois information from cyberabuse.org, as many times people does, that information is wrong, because ciberabuse guys used Admin-c email without considering all other informations in inetnum object and in role object. Thanks and regards, Gabriella Paolini INFN-GARR [ Informations about 193.204.17.211 ] IP range : 193.204.16.0 - 193.204.23.255 Network name : UNIBAS-NET AS number : AS137 Infos : Universita' Degli Studi Di Basilicata Infos : Centro Interfacolta' Servizi Informatici E Telematici - Cisit Phone number : +39 06 49914352 Country : IT Abuse contact : enzo.valente@infn.it Source : RIPE right information are inetnum: 193.204.16.0 - 193.204.23.255 netname: UNIBAS-NET descr: Universita' degli Studi di Basilicata descr: Centro Interfacolta' Servizi Informatici e Telematici - CISIT country: IT admin-c: EV182-RIPE tech-c: GL965-RIPE tech-c: GM976-RIPE ... remarks: To notify abuse mailto: cert@garr.it remarks: Multiple lan of university departments remarks: GARR - Italian academic and research network mnt-by: GARR-LIR ... role: GARR LIR ... trouble: To notify abuse mailto: cert@garr.it trouble: Information at http://www.lir.garr.it/ ... person: Enzo Valente address: INFN - Dipartimento di Fisica address: Universita' La Sapienza address: Piazzale Aldo Moro,2 address: I-00185 Roma address: Italy phone: +39 06 49914352 fax-no: +39 06 4957697 e-mail: Enzo.Valente@infn.it ...
Dear gabriella, if nothing unexpected happens, you will be able to look at irt objects in the RIPE DB this week. Joao At 18:26 +0100 7/1/02, Gabriella Paolini wrote:
Dear all, which is the status of IRT object? Is the trial implementation available? This example shows again the need for a specific object. If someone uses whois information from cyberabuse.org, as many times people does, that information is wrong, because ciberabuse guys used Admin-c email without considering all other informations in inetnum object and in role object.
Thanks and regards, Gabriella Paolini INFN-GARR
[ Informations about 193.204.17.211 ]
IP range : 193.204.16.0 - 193.204.23.255 Network name : UNIBAS-NET AS number : AS137 Infos : Universita' Degli Studi Di Basilicata Infos : Centro Interfacolta' Servizi Informatici E Telematici - Cisit Phone number : +39 06 49914352 Country : IT Abuse contact : enzo.valente@infn.it Source : RIPE
right information are
inetnum: 193.204.16.0 - 193.204.23.255 netname: UNIBAS-NET descr: Universita' degli Studi di Basilicata descr: Centro Interfacolta' Servizi Informatici e Telematici - CISIT country: IT admin-c: EV182-RIPE tech-c: GL965-RIPE tech-c: GM976-RIPE ... remarks: To notify abuse mailto: cert@garr.it remarks: Multiple lan of university departments remarks: GARR - Italian academic and research network mnt-by: GARR-LIR ...
role: GARR LIR ... trouble: To notify abuse mailto: cert@garr.it trouble: Information at http://www.lir.garr.it/ ...
person: Enzo Valente address: INFN - Dipartimento di Fisica address: Universita' La Sapienza address: Piazzale Aldo Moro,2 address: I-00185 Roma address: Italy phone: +39 06 49914352 fax-no: +39 06 4957697 e-mail: Enzo.Valente@infn.it ...
--
Joao,
if nothing unexpected happens, you will be able to look at irt objects in the RIPE DB this week.
As a member of another CERT team, I'd like to say I am very pleased with this :). Jan Meijer CERT-NL, SURFnet
Re,
if nothing unexpected happens, you will be able to look at irt objects in the RIPE DB this week.
As a member of another CERT team, I'd like to say I am very pleased with this :).
As the coder of the CyberAbuse whois and a heavy user of all the whois db's I'm happy to hear things finally goes in the right direction. Note that the CyberAbuse whois does check remarks/descr/trouble fields for emails starting with abuse@/csirt@/security@. I had removed cert@ since it seemed not to be used. Though, since the CyberAbuse whois abuse contacts are in most cases netadmin's emails (coordinators/admin-c) I provide a way for admins to modify the Abuse contact field. If you go to http://www.cyberabuse.org/whois/?page=change, then you can have enzo.valente@infn.it become cert@garr.it. Though this won't be needed since I re-added cert@ in the list of mails to catch. Note that there is a web version of the CyberAbuse whois at http://www.cyberabuse.org/whois/?page=whois , it's a bit more powerfull (reverse AS checking and host lookup). There is also a "light" version at whois.light.cyberabuse.org, for the anti-spam community which runs batch against it to contact administrators of open relays. Sincerely, Philippe Bourcier
participants (4)
-
Gabriella Paolini -
Jan Meijer -
Joao Luis Silva Damas -
Philippe Bourcier