PIR’s DNS Abuse Institute has launched “NetBeacon” their new DNS abuse tool. The tool is aimed at both reporters of DNS abuse as well as registrars and registries.
I signed up for an account yesterday and was walked through the onboarding process as a registrar.
Registrars can have multiple users on the system and can tweak settings so that multiple email addresses get alerts or so that different types of abuse reports get routed to different mailboxes. For a smaller registrar like ourselves this isn’t necessary, as the volume of reports we get is manageable, but for larger registrars I can see why they’d want to funnel reports into different places.
You can also choose if you want machine readable reports (XARF) or human readable ones. You can also tweak how the reports are “enriched”.
But what’s really attractive from a registrar perspective in my view is the reporting system.
Reporters are shepherded through the process so that they have to provide pertinent information with their reports, thus making it a lot easier on the receiving end to be able to investigate and action them faster.
It’ll be interesting to see how takeup for the tool will be on both sides. It’s 100% free to use unlike many tools and services in the anti-abuse space, so its price is definitely attractive!
Here’s the official announcement from yesterday:
The DNS Abuse Institute (DNSAI), which was created by Public Interest Registry (PIR) in furtherance of its non-profit mission, today announced the launch of NetBeacon, the first centralized DNS Abuse reporting service. As part of its ongoing mission to combat DNS Abuse and bolster Internet safety, the DNSAI is now launching its largest undertaking to date. The DNSAI is launching NetBeacon in collaboration with CleanDNS, an anti-abuse solution developer, which generously donated the development and technology behind NetBeacon.
NetBeacon will be publicly available free of charge for anyone to easily submit or receive reports of DNS Abuse—which includes harmful Internet activities such as malware, botnets, phishing, and spam. Streamlining what has long been a manual, slow, and convoluted investigatory process, NetBeacon will collect standardized reports of DNS Abuse, enrich them with useful information for registrars, and route reports through the appropriate channels.
“NetBeacon addresses the yearslong, industry-wide need for a reporting system that can simplify, standardize, and streamline the process for reporting DNS Abuse,” said Graeme Bunton, Director of the DNS Abuse Institute. “Historically, the process has been confusing and inconsistent—leading to reports that are misdirected or lack the necessary evidence for registrars to take action. NetBeacon not only helps registrar partners effectively address DNS Abuse on the back-end but also provides an opportunity to publicly illustrate a commitment to Internet safety for all users. By working together, we can make real progress towards our shared goal of making the Internet a safer place.”
NetBeacon’s core functions are designed to make it easier for registrars to receive and process abuse claims. By providing a single venue, with standardized fields and evidence requirements, NetBeacon aims to improve the quality of reports. Each report will include fields for the domain in question, the type of abuse, a description of abuse, date of abuse, and any additional evidence.
“Netbeacon is the next step forward in combating DNS Abuse; enriched reports will save us time and create a safer DNS environment.” said Theo Geurts, Compliance & Policy Officer of Realtime Register.
The Institute will accept DNS Abuse reports through three core mechanisms. First, reports can be submitted via NetBeacon’s website (www.NetBeacon.org). The DNSAI has also been working with registrars and partners to embed submission forms directly on their websites—where people purchase and manage their domains. Additionally, there is an API for report acceptance, allowing approved participants to submit abuse complaints programmatically, and at scale.
“While there have been efforts to address DNS Abuse by some leading actors, both within and outside the industry, not all stakeholders have adequate resources to combat the issue on a large scale,” said Jon Nevett, President and CEO of PIR. “Through initiatives like NetBeacon, Public Interest Registry and our DNS Abuse Institute are advancing policies, creating partnerships, and developing resources to help all stakeholders—including registries, law enforcement agencies, consumer protection entities, and the general public—more effectively collaborate to tackle DNS Abuse and make the Internet a safer place for all.”
“CleanDNS is a passion project for me that involves a determined effort to support both the infrastructure and abuse reporting communities to standardize and escalate abuse resolution and mitigation efforts across the internet,” said Jeffrey Bedser, CEO of CleanDNS. “We at CleanDNS are proud to work with the DNS Abuse Institute with the donation of the systems and processes behind NetBeacon. The efforts undertaken here coupled with other industry efforts will facilitate ongoing processes to reduce, limit, and mitigate victimization of consumers via varied forms of DNS Abuse.”
PIR has long been committed to combating DNS Abuse. In 2021, PIR launched the DNS Abuse Institute to support the broader DNS community as part of its non-profit mission. In 2019, the organization helped spearhead the Framework to Address Abuse that sets forth registries’ and registrars’ responsibilities when it comes to addressing DNS Abuse.