Previously where there are incidents of network abuse or security events, network operators in the APNIC region use tech-c or admin-c contacts in the APNIC Whois Database to report network abuse activities. With the increase in reports of network abuse, it is important that such reports be directed to specialized teams such as Incident Response Teams (IRTs).
APNIC implemented mandatory IRT references on 8 November 2010. This means an ‘irt‘ object reference is now mandatory when any inetnum, inet6um and aut-num objects are updated or created in the APNIC Whois Database. Together with this policy implementation, the abuse-mailbox attribute was removed from ‘role‘ objects in early 2011.
See the IRT Object template for more information.
The importance of providing your Abuse Contact information
- Dedicated contacts or teams that specifically resolve computer security incidents
- Stops the tech-c and admin-c from getting reports of abuse
- Efficient and accurate response
- Shared response to address abuse
“Ensuring that there is a dedicated contact or department that specifically resolves security issues will limit potential damage and enhance recovery.”
More and more IRTs are also working together to share response strategies, to more quickly allow networks to identify and prevent abuse and other security problems.
What you need to do
Learn how to create your own IRT object with the following manual: