North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Internic hosage (fwd)

  • From: Dean Robb
  • Date: Fri Mar 20 22:07:41 1998

At 16:08 3/20/98 -0500, Dean Anderson wrote:

[snip] 

>You seem to be assuming that hosting a foreign-registered domain in the US
>is evidence of some kind of deception or conspiracy.  I just don't see any.
>Indeed, I just registered youdontwant.to via the Tonic registry. No
>deception. Perhaps I'll track anti-spam terrorism on
>perhaps.youdontwant.to. ;-) **
>Unfortunately, Tonic doesn't seem to have a whois server.  In any case,
>Internic doesn't have anything to do with it.  As Eric said, but you won't
>accept.

Try reading again.  I have no problem, nor did I imply a problem, with
foreign hosts having listings in InterNIC.  The 'Net IS worldwide, after
all.  I cannot imagine where you get the idea that I "won't accept" this
concept.  And if you read Tonic's webpage, you'll see that there is a
database at www.tonic.to/whois?xxxxxx.to (xxxx being the domain in
question).  Tonic's WhoIs doesn't provide a contact info, but it does
provide server and IP info.  Sorry, Dean...your anti-spammer bias seems to
be coloring your comments.

[snip comments based on erroneous premise of no WhoIs at Tonic]

>existance of host record in another registry doen't mean it could be
>accidentaly put into the domain record. This host information may be in
>fact be wrong or just useless or just informational but whatever the case,
>it doesn't have any effect on anything.

Actually, you're quite wrong.  SEVERAL RFCs require accurate information in
the WhoIs database, NSI's Registration Agreement requires it and WhoIs is
heavily used to contact domains/networks for various reasons (some quite
important).  The point and problem is that NSI (with this one, notable,
exception) does nothing when presented evidence of falsified data in WhoIs.
  Now...what good is a database with known inaccuracies?

As to verification, I can't think of an easy, effective way to verify the
template information when presented for domain registration.  However, when
lies and false information in that registration is pointed out, NSI has an
obligation to take action as provided for in the signed Registration
Agreement.

>While a bogus host record could possibly be some foolish failed attempt at
>spoofing the domain, it could also (more likely) be the remnants of some
>past or future association. In this particular case, I'd bet that someone
>incorrectly added a host record to Internic, instead of Tonic, by simple
>mistake. The owner of the domain probably knows which. Its mere existance
>doesn't mean anything conspiratorial is going on.  Perhaps a quiet message
>to the domain owner noting this looks a bit crufty might be nice. But there
>is nothing for either Internic or Nanog to do. If its conspiracy you are
>looking to expose, your time is probably better spent looking for the
>second iceberg that really sank the Titanic.

Actually, there is strong evidence that a significant percentage of the
incorrect information in WhoIs is there deliberately...inserted by
net.abusers trying to avoid identification.  There may be a large number of
just plain errors, too...so why is nothing done to try to clean up the
database?  

A nice quiet message to the person who registered MartianConsulate.com and
listed a phone number of 555-1212 isn't likely to do much; nor will a
polite email to the person who registered his contact info as
"[email protected]".  THESE are the folks that need to be deleted. 

As for nothing InterNIC or NANOG can do:  It is NSI's job to administer the
database.  Ensuring valid data is part of administration of a database.
NANOG member interface and work with NSI daily...who better to help them
get their act together?  Or do you really want to be the one deluged with
flamemail because some spammer listed your server as his?

>** (Seriously, I did mean to follow-up the anti-spam terrorism thread last
>week--If people email me privately, I will try to organize tracking of
>anti-spam criminal activities.  I also want to organize a group of
>moderates to advocate rational laws regulating spam. Many of the people who
>are talking with legislators right now are radicals or just ignorant. We
>really need some moderates to get involved.  As you can see, there are some
>very misguided people out there talking to even more ignorant people in the
>Press and in Legislative bodies.)

Ah...now the agenda becomes more clear.  Guess what?  I'm an anti-spammer
and have never hacked anything other than wood in my life.  NANOG is
definately inappropriate for us to discuss our differences in opinion, but
you're webpage "Stupid Laws" section shows you to not believe that spam
hurts anyone.  Guess ACSI didn't really sue ConnectUp over spam; AOL, GTE
and @Home didn't really have mail servers crash from spamloads; none of the
backbones prohibit spam; RFC 1855 doesn't abjure the sending of unsolicited
email; and there's no problem with spam.

Maybe all those who don't like spam should just email you privately (at
this or your [email protected] [you know, the one you send unsolicted
commercial email aka spam from] address?)?  
Spam:  it's not just for breakfast anymore....

Dean Robb
PC-Easy 
On-site computer services
(757) 495-EASY [3279]