How APNIC can engage with together with the LEA community, to help them understand better how the registry system works, and the information in the whois database can assist them.
2. “A global, open, stable, and
secure Internet that serves
the entire Asia Pacific
Internet community”
APNIC
Vision
3. Agenda
• Introducing APNIC
– About APNIC
– APNIC’s role and services
• Working with the law
enforcement community
• Capacity building in the
Eurasian region
– by APNIC (Asia Pacific)
– by RIPE NCC (Europe)
6. What is APNIC?
• Regional Internet Registry (RIR) for the
Asia Pacific region
– Comprises 56 economies
• Secretariat located in Brisbane,
Australia
– Currently employs around 70 staff
• Not-for-profit, membership-based
organization
• Governed by the Executive Council
(EC), who are elected by the Members
6
7. IP Address Delegation
7
APNIC
Delegates
to APNIC Member
Member (ISP)
Customer / End User
Delegates
to customers
ISP customer
/8
APNIC Allocation
/22
Member
Allocation
Sub-
Allocation/24
/26/27 /25
Customer
Assignments
/26 /27
RegistryRealmOperatorsRealm
8. • Delegates and manages Internet
resources
– IPv4 and IPv6 addresses
– AS Numbers
• Maintains the APNIC Whois Database
• Manages Reverse DNS delegations
– But is NOT a domain name registry
• Facilitates IP address policy
development
• Provides training and outreach on
resource management, in particular
IPv6 deployment
• Provides Conference events
• Is an authoritative source of
information
– LABs
• Supports Internet development
– Root server deployment, ISIF
APNIC’s role
and services
8
11. APNIC collaborates, cooperates and work
together with law enforcement agencies, to
ensure that the Internet remains an open,
secure and stable platform
12. Law enforcement agencies
engagement plan
• Transparency of APNIC
procedures
• APNIC’s policies on handling
of personal information
• Training and capacity building
activities for LEAs in APNIC
service region
Transparency
14. • APNIC provides
training and
capacity building to
law enforcement
agencies
• Help you explore
the data on the
public WHOIS
database
Training and capacity building
15. Training and capacity building
APNIC Training
Network operators;
engineers
Law enforcement
investigators
LEA:
Justice sector
16. Training syllabus
• Internet governance
– who runs the Internet?
• Managing Internet resources
• Internet resources registration
• Reverse DNS
• APNIC WHOIS database
– How to use APNIC WHOIS?
• Internet Routing Registry (IRR)
17.
18. Authorisation Mechanism
inetnum: 202.137.181.0 – 202.137.196.255
netname: SPARKYNET-TC
descr: SparkyNet Service Provider
…
mnt-by: APNIC-HM
mnt-lower: MAINT-SPARKYNET1-TC
mnt-routes: MAINT-SPARKYNET2-TC
This object can only be modified by APNIC
Creation of more specific objects (assignments) within this
range has to pass the authentication of MAINT-SPARKYNET
Creation of route objects matching/within this range has
to pass the authentication of MAINT-SPARKYNET-WF
19. inetnum:
Allocation
(Created by APNIC)
3
Using the Whois – step by step
Customer Assignments
(Created by Member)
person:
nic-hdl:
KX17-AP
Contact info
1
Data Protection
mntner:
2
inetnum:
...
KX17-AP
...
mnt-by:
...
4
inetnum:
...
KX17-AP
...
mnt-by:
...
5
inetnum:
...
KX17-AP
...
mnt-by:
...
6
20. Whois Database Queries
– Flags used for inetnum queries
None find exact match
- l find one level less specific matches
- L find all less specific matches
- m find first level more specific matches
- M find all More specific matches
- x find exact match (if no match, nothing)
- d enables use of flags for reverse domains
- r turn off recursive lookups
22. What needs to be visible?
IANA range
Non-APNIC range APNIC range
NIR rangeAPNIC allocations & assignments
NIR allocations & assignments
Customer assignments Infrastructure Sub-allocations
must be
visible
visibility
optional
LIR/ISP
PORTABLE addresses
NON-PORTABLE addresses
24. LEA capacity building in 2013
Wellington, New Zealand
(May 2013)
• Law enforcement agencies
workshop
• Held in conjunction with
InternetNZ (.nz registry)
• Attendees:
– NZ Police - E-Crime/ Cyber
Crime group and Online Child
Exploitation (OCEANZ)
– Department of Internal Affairs -
Censorship and Compliance
(Anti-Spam team)
– National Cyber Security Centre
(NCSC)
25. LEA capacity building in 2013
• Colombo, Sri Lanka
(October 2013)
• Manila, Philippines
(December 2013)
26. Training and capacity building
• Training delivered in 2013
– Wellington, New Zealand – May 2013
– Colombo, Sri Lanka – October 2013
– Manila, Philippines – December 2013
• Training planned for 2014 – more regionally focused
– Pacific regional training – New Zealand (May-June 2014)
– “Justice Sector Workshop”, in conjunction with APTLD, during
APrIGF – Delhi, India (August 2014)