Protecting Resource Records in APNIC Whois Database Database SIG APNIC-16, Seoul August 2003 Sanjaya

Slides:



Advertisements
Similar presentations
Internet Number Resource Status Report As of 30 June 2005.
Advertisements

LACNIC Policy Update Roque Gagliano LACNIC. Current Policies Proposals - LACNIC As a result of the Open Policy Forum at LACNIC XI four policy proposals.
Kuala Lumpur February 2004 APNIC 17 Kuala Lumpur February 2004 APNIC 17 IPv4 /8 Address Space Status.
La Habana - Cuba 18 November 2003 LACNIC V La Habana - Cuba 18 November 2003 LACNIC V IPv4 /8 Address Space Status.
Internet Number Resource Status Report As of 30 September 2004.
Montevideo 31 DE MARZO 2004 LACNIC VI Prepared By NRO (APNIC, ARIN, LACNIC, RIPE NCC)
Current Policy Topics Emilio Madaio Policy Development Officer RIPE NCC RIPE May 2013, Dublin.
Internet Number Resource Status Report As of 31 December 2004.
Internet Number Resource Status Report As of 31 March 2005.
JPNIC IPv6 agent service APRICOT2000 Seoul, South Korea Masayoshi Toya JPNIC secretariat 2000/3/1 Copyright(C) Japan Network Information Center.
1 IP Policy update - comparative status in all RIR regions Policy SIG 7 Sep 2006 APNIC 22, Kaohsiung, Taiwan Save Vocea.
Operational Policies for NIRs in the APNIC Region NIR Meeting APNIC14, Kitakyushu, Japan 4 Sept 2002.
1 IPv6 Allocation Status Report IPv6 Technical SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam Srinivas (Sunny) Chendi.
Open action items Database SIG APNIC 18 Nadi, Fiji.
Major Activities in JPNIC Since APNIC17 Izumi Okutani Japan Network Information Center NIR 18, Fiji 31 August – 3 September, 2004.
1 RIR Policy Development Update Policy SIG 8 Sep 2005 APNIC20, Hanoi, Vietnam Save Vocea.
TWNIC RMS Update 16 th APNIC NIR SIG TWNIC Sheng Wei Kuo Aug, 2003.
AfriNIC Anti-Abuse Group S. Moonesamy AfriNIC 11 November
Shane Kerr. RIPE 45, May 2003, Barcelona. 1 RIPE Database Operations Update Shane Kerr RIPE NCC.
APNIC DB SIG Report Taipei 2003 Xing Li
APNIC Internet Routing Registry Routing SIG APNIC-15, Taipei 26 February 2003.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E APNIC Open Address Policy Meeting Address Policy SIG October 26th, Brisbane.
APNIC update ARIN XX 17 October 2007 Srinivas Chendi.
December 2013 Internet Number Resource Report. December 2013 Internet Number Resource Report INTERNET NUMBER RESOURCE STATUS REPORT As of 31 December.
March 2014 Internet Number Resource Report. March 2014 Internet Number Resource Report INTERNET NUMBER RESOURCE STATUS REPORT As of 31 March 2014 Prepared.
Whois Database Clean Up Project Report Database SIG APNIC 16, Seoul, Korea 20 August 2003.
Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.
1 prop-018-v001 Protecting historical records in the APNIC Whois Database Project Update DB SIG APNIC18 2 September 2004 Nadi, Fiji Sanjaya, Project Manager,
Anne Lord & Mirjam Kühne. AfNOG Workshop, 10 May The whois Database Introduction and Usage.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Database SIG APNIC Database Privacy Issues 1 March 2001 APRICOT, Malaysia Fabrina.
Prepared by The Regional Internet Registries [APNIC, ARIN, LACNIC and RIPE NCC]
APNIC Status Report LACNIC V November 2003 Havana.
Policy implementation and document status report Address Policy SIG APNIC 15, Taipei, Taiwan 27 February 2003.
1 APNIC allocation and policy update JPNIC OPM July 17, Tokyo, Japan Guangliang Pan.
Status report on Lame Delegations (work in progress) George Michaelson DB SIG APNIC17/APRICOT 2004 Feb KL, Malaysia.
18th APNIC Open Policy Meeting SIG: DB Thursday 2 September 2004 Nadi, Fiji Chair: Xing Li.
APNIC Status Report ARIN X Eugene, Oregon Oct 30-Nov 1, 2002.
Prop-007-v001 Privacy of customer assignment records Project Update DB SIG APNIC 18 1 September 2004 Nadi, Fiji Sanjaya, Project Manager, APNIC Secretariat.
July 2002IEPG, Yokohama, Japan RIR Co-ordination and Joint Statistics IEPG, Yokohama, Japan Prepared By APNIC, ARIN, RIPE NCC.
Whois Domain Object Authorisation APNIC18 – DB SIG Nadi, Fiji 2 September 2004.
Update of WHOIS Data Privacy in JP Izumi Okutani Japan Network Information Center (JPNIC) DB SIG APNIC Indonesia.
30 April 2003 ITU SG2, Geneva, Switzerland Axel Pawlik, RIPE NCC Information Document 21-E ITU-T Study Group 2 May 2003 Question:1/2 Source:TSB Title:The.
APNIC Status Report ARIN XII October, 2003 Chicago.
APNIC abuse procedures Network abuse BOF. Types of abuse reported Spam Hacking Viruses Identity/credit card fraud Threats and stalking.
Prop-007-v001 Privacy of customer assignment records Project Update DB SIG APNIC February 2005 Kyoto, Japan Sanjaya, Project Manager, APNIC Secretariat.
Proposed APNIC protocol for handling of abuse complaints Network abuse BOF Gerard Ross, APNIC.
RIPE 47: IPv6 WG 27 January 2004 Hotel Krasnapolsky, Amsterdam Jeroen Massar IPv6 Golden Networks.
Whois & Data Accuracy Across the RIRs. Terms ISP – An Internet Service Provider is allocated address space by an RIR for the purpose of providing connectivity.
IPv6 address deployment status Paul Wilson, APNIC
RIR Co-ordination and Joint Statistics
A proposal to deprecate ip6.int reverse DNS service in APNIC
Lame DNS Server Sweeping
IPv6 address deployment status Paul Wilson, APNIC
AFRINIC Services Update
RIPE Whois Database Software Recent Changes
A Proposal for IPv4 Essential Infrastructure
Downstream Allocations by LIRs A Proposal
Joint IPv6 Forum/IPv6 SIG APNIC 15, Taipei, Taiwan 26 February 2003
Sanjaya, Project Manager, APNIC Secretariat
APNIC 14 DB SIG Report Xing Li
A Proposal to Protect Historical Records in APNIC Whois Database
Recovery of Unused Address Space prop-017-v001
Proposal to Deprecate MAIL-FROM in Maintainer Object
Supporting Historical Resource Transfers
Privacy of Customer Assignment Records
Proposal to Clean Up Whois Database
Status Report on Policy Implementation at the APNIC Secretariat
Whois Database Upgrade
IPv6 Policy Update ~ APNIC community ~
prop-025-v001 Proposal on IPv6 IRR service at APNIC
Presentation transcript:

Protecting Resource Records in APNIC Whois Database Database SIG APNIC-16, Seoul August 2003 Sanjaya

Overview Motivation Background Proposal Other RIRs Test Result Case Study Implementation

Motivation Correctness of resource records in APNIC whois database (inetnum, inet6num, aut- num) is becoming critical in internet operations Unprotected resource records are subject to misuse Unmaintained resources have actually been used by parties other than the original custodians

Background During whois v3 migration, all unprotected resource objects were temporarily maintained by MAINT-NULL Proposal in APNIC-14 to replace MAINT- NULL with parent object mantainer did not receive consensus, but a test project was approved A test has been conducted on IPv4 202/8 range and APNIC secretariat is ready to go ahead with the proposal

inetnum: netname: SAMPLE-NETWORK descr: SampleNet Holdings Ltd country: AU admin-c: XA1-AP tech-c: ZY2-AP rev-srv: alien.sample.net.au rev-srv: terminator.sample.net.au notify: mnt-by: MAINT-NULL changed: status: ASSIGNED NON-PORTABLE source: APNIC Example Unprotected Object:

Example Parent Object: inetnum: netname: UPSTREAM-SAMPLE-NETWORK descr: Upstream Sample ISP descr: Brisbane country: AU admin-c: XX3-AP tech-c: ZZ3-AP notify: mnt-by: MAINT-AP-UPSTREAM changed: changed: status: ALLOCATED NON-PORTABLE source: APNIC

Proposal Protect all internet resource objects (inetnum, inet6num and aut-num) with proper maintainers. An unprotected object mnt-by attribute (currently has 'MAINT- NULL' value) will be filled with its parent's mnt-by value. Deprecate NONE value in maintainer object's auth: attribute

mntner: MAINT-AU-UPSTREAM descr: Upstream Sample ISP descr: Level 20 descr: 40 Waterloo Road descr: Milton QLD country: AU admin-c: XX3-AP tech-c: ZZ3-AP upd-to: auth: NONE remarks: One of the Maintainer for Upstream Sample mnt-by: MAINT-AU-UPSTREAM referral-by: APNIC-HM changed: source: APNIC Example Unprotected Maintainer: 101 unprotected maintainers found in APNIC whois

Other RIR RIPE –A proposal has been put forward to deprecate auth: NONE ARIN –ARIN database does not allow unprotected record LACNIC –LACNIC database does not allow unprotected record

Test Result On 15 July 2003, we run a MAINT-NULL replacement script on IPv4 202/8 range –Total objects found: 2,889 –Total objects successfully converted: 2,419 –Total failed to convert: 470 Failure reasons: –Parent object is also protected by MAINT-NULL: 324 –Object contains other error (e.g. invalid nic- handle etc.)

Test Result Objects found by geography: CN813 NZ684 AU318 TW313 HK200 IN117 TH112 Others332 As of the time this report is written, we have not received any complaint about the MAINT-NULL replacement from affected members

Implementation 30 days after approval APNIC secretariat will remove MAINT-NULL from: –APNIC IPv4 address range delegated from IANA –APNIC ASN range delegated from IANA –APNIC IPv6 address range delegated from IANA –ASN range received by APNIC from ERX project –IPv4 address range received from AUNIC IPv4 address range received by APNIC from ERX project will always be protected

Implementation Proposed auth: NONE deprecation schedule: –Send notifications to the contact persons of maintainer objects currently protected by auth: NONE, requesting them to change the authentication method. –60 days after notification is sent, if auth: NONE has not been changed, APNIC secretariat will replace it with auth: CRYPT-PW.

Implementation Any error will be corrected within 2 APNIC secretariat business days (must have supporting documents) APNIC secretariat will present the implementation project report in: mailing list –APNIC-17 Database SIG meeting

Questions & Answers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.