On 2013-08-23 09:43, Markus Wild wrote: [..] > My manual approach would be to lookup whois > data for the respective IP (which by itself can be a multi step process, > since you first need to find the right registry), and look for an > abuse-contact there. But, whois isn't exactly engineered for automated > mass lookups (+), and if I did this I'm sure I'd probably be violating > terms of use of at least some of the registry whois servers, and be > locked out. So, what alternatives are there? I saw that abuse.net keeps > a nice DNS based lookup service for domain names, but they > unfortunately don't do this for IP addresses. How are others doing > this? I know I occasionally received output of fail2ban scripts when > working for a larger ISP. Are these all in-house local developments?
Please check for instance: https://code.google.com/p/collective-intelligence-framework/ or http://csirtgadgets.org/ Greets, Jeroen _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog