North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: more Internic nightmare

  • From: Derek Balling
  • Date: Tue Mar 23 20:02:44 1999

On Tue, 23 Mar 1999, Roeland M.J. Meyer wrote:

> Yes, this can be circumvented, but it would cost a lot more than the $70
> for a domain registration. In addition, the whois server would know exactly
> who is mining the data and would be able to track them, even if they spread
> it out over months.

Unless you're planning on enforcing passwords for contacts then I don't
think it'd take all that much to SIMULATE a client, choosing random people
from the whois database, and blaming other people for your whois queries.
An even more intelligent system would use the tech contact for the LAST
result as the requestor for the current one so that there would be no
visible pattern.

The source code for the client is going to be out there, so people will
figure out how it works, reverse engineer a version that uses a forged,
but existing, tech contact, and go on with their day.


Derek J. Balling          | "Bill Gates is a monocle and a white 
[email protected]        |  fluffy cat from being a villain in the  |  next Bond film."  - Dennis Miller