Perhaps some organization of Network Operators should come up with an objective standard of what constitutes “abuse” and a standard format for reporting it.
If only there was such an organization. Sent from my iPhone > On Apr 29, 2020, at 11:14 AM, Chris Adams <c...@cmadams.net> wrote: > > Once upon a time, Mukund Sivaraman <m...@mukund.org> said: >> If an abuse report is incorrect, then it is fair to complain. > > The thing is: are 3 failed SSH logins from an IP legitimately "abuse"? > > I've typoed IP/FQDN before and gotten an SSH response, and taken several > tries before I realized my error. Did I actually "abuse" someone's > server? I didn't get in, and it's hard to say that the server resources > I used with a few failed tries were anything more than negligible. > > I've had users tripped up by fail2ban because they were trying to access > a server they don't use often and took several tries to get the password > right or had the wrong SSH key. Should that have triggered an abuse > email? > > -- > Chris Adams <c...@cmadams.net>