North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

[eweek article] Window of "anonymity" when domain exists, whois not updated yet

  • From: Suresh Ramasubramanian
  • Date: Mon Jan 10 21:58:44 2005
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=Xdg0kmoj5s3eD29xN/MdyTmTTMIzcoE8D/9nySGD0eCEzr6yMLEwoeWzpO51mDweaojAaBTiTdR56vcXlbXckiJN+rO/NiEn967pyAi5Zb9NnY/FJSa6RPf9e+StzCToyNHgiI4+guveXn8YrH1RGEbgKC85sp44qXUlv/k1U0w=

and it is being abused - well, nanog found out about this a while
back, but the popular press (read - eweek magazine) seems to have
discovered it now, or at least think they've discovered it .. their
idea of the situation is a bit skewed.

--srs

What actually happens -

http://www.mail-archive.com/[email protected]/msg28312.html

> Read NANOG archives - Verisign now allows immediate (well, within about 10
> minutes) updates of .com/.net zones (also same for .biz) while whois data is
> still updated once or twice a day. That means if spammer registers new domain
> he'll be able to use it immediatly and it'll not yet show up in whois (and so
> not be immediatly identifiable to spam reporting tools) - and spammers are in
> fact using this "feature" more and more!

And what eweek thinks happens - and I don't think their interpretation
is workable, but the above nanog thread should explain what they're
seeing.  What's more fun is the "quotes" from some people (including
an ex chair of the ASRG) in the article ..
http://www.eweek.com/article2/0,1759,1749328,00.asp

The only worthwhile quote from there is this one from Paul Mockapetris -

> We have to figure out how to taper DNS services gracefully rather than having 
> catastrophic failures," said Paul Mockapetris, the author of the first DNS 
> implementation and chief scientist at Nominum Inc., based in Redwood City, 
> Calif. "Mail look-up was the first application put on top of DNS after I 
> designed it, and I was so excited to see that. And now, 20 years later, 
> people are trying to figure out how to stop doing mail look-up on DNS. It's
> bizarre."