Hi friends,
As we have got several requests and inputs on Anti-Abuse training for LIRs
on RIPE 80, we have decided to put up useful information for small and/or
new LIRs on abuse handling, in a short webinar format with the help of the
RIPE NCC training department.
I have attached the draft proposal of the training and it would be great to
provide us with your feedback and input as long as it has to help you by
reducing the number of unwanted abuses from small and/or new LIRs.
Cheers,
Alireza
--
Alireza Vaziri
RIPE AA-WG Co-Chair
Context
The Internet is a complex ecosystem where many people and organisations
converge, with differing outlooks and motivations. While the vast majority of
these are for the general good, sadly that is not always the case. To deal with
this negative part, the RIPE Community created the Anti-Abuse Working Group
that aims to tackle online abuse from both the technical and non-technical
angles.
Some of the ideas that can be useful to understand the context of anti-abuse
and how important collaboration and mutual understanding is, are:
- Your outbound is somebodyâs inbound. And vice versa.
- My network, my rules. You want your rules accepted, accept the rules of
others as well.
- You define what abuse is. So do others. Be respectful and try to solve the
issues together.
- The community expects you to handle Abuse in your network and keep the
resources you have been granted clean
It is also not possible to have a one-fit-all definition of abuse. To say the
least it depends on the point of view, so you define when enough is enough.
Twitter has a different definition than a small LIR. While you have your
definition and Twitter has its own, don't judge another person for complaining
about what they define as abuse of their network. Be reasonable!
In addition to this, there are different types of resources to be considered.
For example, due to enormous IPv6 address space and v6 spammers constantly
changing their prefixes, it is not clear yet what are the best practices
fighting IPv6 abuses.
Despite the difficulties on defining anti-abuse, the WG considers that a
training activity about anti-abuse could be of great help.
Anti-abuse training
- Title: Anti-abuse for LIRs
- Target audience: Small new LIRs (mostly), but also all the other ones (eg.
old-big ones can share more with the new ones)
- Topic: How to report and handle abuse of your LIR resources (IPs and ASNs)
- Stakeholders: RIPE NCCâs LIRs (with special focus on very small LIRs that
doesnât know where and how to report abuse), targets of abuse, "facilitators"
of abuse, the ones that abuse, LIRs with resources in other RIRs
- Format: webinar (1-2 hrs) with trainers and interaction (questions and polls)
*In the future we can develop other reference materials for easy
sharing: BCOPs, RIPElabs articles, etc.
- Pedagogical approach: adult learning for professionals, where they will learn
actionable things that are useful for their daily job.
- Scope: We consider abuse and anti-abuse from the point of view of RIPE
NCCâs LIRs and related with Internet numeric resources (IPs and ASNs)
- Main Goals (from the participant point of view):
1) Explain the "abuse" context, and identify your place on it
2) Understand what is expected from you from the Internet community
Examples of questions to ask yourself: What led your network to abuse
others?, Am I attacking others currently?, How do I know?, Where should I check
my reputation?
3) Define a plan about what you, as an LIR, can do for others about
fighting abuse
Examples: maintain your anti-abuse contact info, report on abuse,
share info on abuse cases, collaborate with other stakeholders (LEAs, CERTs,
LIRs, RIPE Community), automate abuse handling/tools?
4) Understand what you can expect from other stakeholders related with
abuse fighting
Examples of stakeholders: LIRs/resources in all RIRs
5) Define a plan about what you, as an LIR, can do for yourself about
handling abuse
Examples: your reputation matters, what to do if you are the victim or
facilitator of abuse?, automate abuse handling/tools?, What are the
consequences of not handling abuses?