So today I finally got fed up with the all the spam bots that have been appearing on my forum and started going through and contacting the ISP to have them blocked as well as doing the blocking locally. Actually I don’t have that many bots visiting but there are enough and they like to try to do this type of posting http://www.mysite.com/index.php?topic=http://somepornsite.com/lookatme?. Which of course doesn’t work on my website but adds crap into my error log. I’ve never really heard of Error Log spamming but apparently it is happening quite often.
Now normally when I contact an ISP I find under ARIN or some other Who Is type site the email address for abuse reporting. However when I looked up Cox Communications because of this IP 68.103.150.86 I find that they have no way of reporting abuse on their network. I even went to their website and still found nothing. Honestly, they really need to do something about this. I’m actually tempted to ban the entire COX network from my site. I might do it still if the number of bots on their network increases.
6Mar09 at 15:57:44
Another point here is that not all whois lookups support the format NET-x-x-x-x-x. I had never heard of arin until I read your blog, and have always used the whois that netsol, or network solutions provides, which cannot decode that format.
27Dec08 at 22:54:17
Hi Brian Thanks for Commenting
Actually yes. Apparently what happens is that if a company or entity owns multiple IP ranges then they are first listed as you see in my comment above yours. You then need to search on the range between the parenthesis to find the actual listing.
This may actually be a problem with the way ARIN lists their entries.
However, I also feel that the Cox Communications website needs some re-thinking when it comes to finding their policies link so that it is easier to find.
27Dec08 at 19:40:05
Hello,
So I’m curious – did this resolve the issue you were encountering? Apparently they require a different ARIN query format than you were using?
Thanks!
Brian
19Jan08 at 13:12:40
Interesting when I checked ARIN this is what I get
http://ws.arin.net/whois/?queryinput=68.103.150.86
Which really isn’t enough to go by. As for your policies link I just now found it as approximately 6pt text at the bottom of your site. It is difficult to find and not in a place where someone who is not a customer would go looking for it.
It is my opinion that Cox Communications might want to take a look at making ALL of their entries in ARIN display the correct information and to make the link on your site easier to find instead of all of the advertisement for your services.
18Jan08 at 17:08:03
I apologize for any difficulty you had in finding our abuse reporting address. We do publish it in all our ARIN whois records. Here’s the record for that particular ip address:
http://ws.arin.net/whois/?queryinput=!%20NET-68-96-0-0-1
OrgAbuseHandle: IC146-ARIN
OrgAbuseName: Cox Communications, Inc
OrgAbusePhone: +1-404-269-7626
OrgAbuseEmail: abuse@cox.net
On our web site, we publish the abuse contact under the “Policies” link as part of our Acceptable Use Policy.
Please do send us any logs you have showing malicious traffic from the ip address in question so that we may investigate the issue.
Thanks,
- Matt