Safe Netting

Net Safety & Digital Ethics from the Frontline

Safe Netting header image 2

ICANN, Registrars threaten Internet security

July 17th, 2008

Over the past several months we’ve reported on several issues within the ivory towers of Internet domain name management that affects every Internet user. These issues are now boiling to critical mass and you should at least be aware of what’s going on…

Domain kiting and the faulty, bogus Whois registry are largely responsible for most of the spam and internet crime like phishing and identity theft running rampant today. We have worked closely with Knujon.com sending daily spam reports and aiding in tracking outlaw domains used by organized online crime. The story has become very interesting since Knujon and several others began blowing the alarms against ICANN in the main stream media. Our (UGN Safenet) rants date back to the turn of the century, prompting our 2002 “ISP Anti-Spam Self-regulatory Initiative”.

As the public cry for accountability in domain name accountability reached critical mass, the underbelly of the net began striking back. Incidents included a denial of service attacks (DDoS) against the very foundation of the Internet’s naming authority ICANN. Similar attacks have been launched against other outspoken entities who support accountability in Internet management. Hours after voicing our staunch support for Knujon’s battle against rogue registrars, citing the 60-Second Window column “Crime gets a free ride from ICANN”, that site was hit with an attack of email spam that effectively knocked out the mail server. So it is painfully obvious that internet crime is not going to give up their free ride without a fight.

There are so many references to these events, we’re not even going to attempt to link you out to them. A simple Google of “domain kiting” or “domain tasting” and “rogue registrars” will bring you more information than you care to cope with.

What is internet accountability?

When a crime is committed, law enforcement tracks the criminals through various known methods of pursuit. One of these is identifying who the criminal is and where he is located. With internet crime, these methods have become almost impossible because the regulating body (ICANN and IANA) has ceased to hold their own registrars and hosting ISPs accountable for the people they sell domains to.

First, the criminals go to heroic measures to mask their identity and location. All Internet domain names are, by ICANN regulations, supposed to be registered with authentic identity information about the owner. That information is maintained and administrated by ICANN and contained in the Whois
. Criminal web sites and email server owners intentionally falsify that information to elude detection. It’s been estimated that 90% of the internet domains in use today are owned by registrants with forged or bogus identities.

The next level of trackability for all internet activity is the IP address. This unique identification number specifically identifies where a device is located on the Internet — sets of digits, separated by dots: 111.111.111.111. All domains (dot-coms, etc.) reside on one of these numbers, and the numbers are leased by Registrars. Here’s where the problem hits the pavement: in email, these numbers can be effectively forged or hijacked so the sender cannot be identified. However the domain advertised (spamvertised) in email cannot. Otherwise, the victim would not be able to reach the criminal’s web site where the dirty work goes on. So the domain and it’s hosted IP address is the last point of accountability.

Rogue Registrars

That last hope to track and curtail internet crime is seriously undermined by rogue registrars. These are organizations which ICANN has given the power to sell and assign domain names and IP addresses, yet have masked, forged or falsified their Whois information so their identity cannot be discovered and they can elude law enforcement pursuit. This is strictly against the policies of ICANN and IANA, yet the practice is allowed to continue. So, if you cannot find who owns the IP address of criminal activities, and you cannot identify where they are hosted, or who provided their IP addresses, the criminal is untouchable.

This brings us to our story for today:

Unknown and Unaccountable - KnujOn Reports

Garth Bruen, co-developer of Knujon.com files this report:

Last month we told you all that that 70 Registrars were in Mystery locations. These are the companies that sponsor domain names on the Internet and are ultimately responsible for the usage of those domain names. Every registrar is responsible for ensuring that their customers do not use their domain names for illegal activities. The question is, how do you ensure that responsibility if you don’t even know where those registrars are or who owns them?

One month later we have noted that 8 of the 70 have been updated but 5 NEW registrars have been added with no location or country information, changing the total to 67. 8 Registrars do not have their country of location listed. While it would be possible to research these locations, the consumer should not have to. This is about building public trust and confidence.

Also, The Washington Post reported that KnujOn #7 Worst Registrar Dynamic Dolphin was owned by Scott Richter, the so called MySpace ‘Spam King’. Brian Krebs at the Post also disclosed that the highly questionable PivacyProtect.org, a service that has masked the ownership of many spam-advertised, unlicensed Internet pharmacies, is also owned by Richter’s company.

This from Brian Krebs, Washington Post Computer Security columnist

Out of the 15,000 spam-advertised domains we examined, nearly half — 7,142 names — were registered through a Broomfield, Colo. company called Dynamic Dolphin. As I noted in my previous story, Dynamic Dolphin is the seventh most-popular registrar among spammers who provide patently false information in their public WHOIS records. (6/19/08)

Knujon continues:

An additional revelation that came out of the Post article was the real location of the registrar Direct Information PVT Ltd/PublicDomainRegistry.com. Previous to KnujOn’s Ten Worst Registrar report Directi/PDR claimed to be located in Beaverton, Oregon (U.S.). However, it was revealed that this company is actually located in India. There is no problem with an Internet company being located in India, but why the misinformation?

The registrar EstDomains has its address listed in Wilmington, Delaware. For those who don’t know Delaware is a common location to register a business for legal or tax reasons. The business is rarely actually located in Delaware. There is nothing inherently wrong with this but it does raise more questions.

Two other registrars that have come to our attention: dynadot.com and DSTR ACQUISITION VII, LLC only have post office boxes listed as business addresses.

The point here is that the companies sponsoring the domains advertised in spam are just as unknown and unaccountable as the spammers. This situation allows Internet abuse to exist with impunity. However, we will keep pushing these issues for as long as it takes.

Full list is here: http://www.knujon.com/news.html#07102008

Further Reading:

KnujOn.com pronounced “nudge on” and “No Junk” spelled backwards! http://www.knujon.com/news.html

Why Internet crime exists — KnujOn’s comprehensive white paper the real problems behind email abuse and Internet crime, and what the critical failures have been in dealing with it (PDF) KnujonWP.pdf

KnujOn Records 50,000th Spam Website Suspension — Project KnujOn (knujon.com) exceeded 50,000 spam related site shutdowns, a huge milestone. KnujOn is transforming the “unsolvable” spam problem into a situation that can be understood, managed, minimized and defeated http://www.prweb.com/releases/fight/spam/prweb567209.htm

#7 Worst Registrar Owned by Scott Richter - Brian Krebs, Washington Post Computer Security columnist - Out of the 15,000 spam-advertised domains we examined, nearly half — 7,142 owned by one cyber crime spammer
blog.washingtonpost.com

Most Spam Sites Tied to a Handful of Registrars — New research suggests that more than three quarters of all Web sites advertised through spam are clustered at just 10 domain name registrars. blog.washingtonpost.com

Anonymous Domain Sales: A Spammer’s Delight — Spammers routinely register their sites under false names, or hijack someone else’s identity to do so. But new research shows they’re also paying for premium services when registering domain names to ensure a deeper level of anonymity.
blog.washingtonpost.com

Crime gets a free ride from ICANN 60-Second Window article explaining how ICANN is allowing the existence of internet crime through domain kiting — domain tasting. www.60-seconds.com

ICANN gets Hijacked - Visitors who intended to reach iana.com, iana-servers.com, icann.com and icann.net on June 26 were instead shunted to an illegitimate destination, which displayed a taunting message: “You think that you control the domains but you don’t! Everybody knows wrong. We control the domains including ICANN! Don’t you believe us?” http://tinyurl.com/theTimes or http://tinyurl.com/print-version

→ No CommentsTags: UGN SafeNet Updates
Bookmark and Share

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

You must log in to post a comment.

levitra order
womens viagra
canada cialis
penis growth oil
drug viagra
cialis discount generic
cheapest cialis
viagra erection
cialis sale
viagra canada
viagra shop
save on pills
cialis lowest price
viagra cialis
cialis company
cialis online pharmacy
natural viagra
where to buy levitra
cialis levitra viagra
penis extender
cialis new viagra
cialis soft tab
cialis generic online
levitra drug
levitra purchase
cialis review
viagra online pharmacy
viagra online
cialis uprima viagra
cialis why
cialis get viagra
cialis liquid
where to buy viagra
pfizer viagra
levitra prescription
cialis online purchase
20mg cialis
levitra safe
citrate sildenafil
generic levitra
cheap generic viagra
cheap viagra
buying viagra online
cialis price
apotheke cialis
cialis discount online
buy cialis
cialis mt tadalafil
cialis sample
viagra vs cialis
generic tadalafil
how viagra works
levitra pills
medicaid viagra
cialis dosage
cialis levitra vs
generic viagra online
cialis viagra vs
viagra information
order viagra online
cialis pill
cialis mexico
cialis prescription
viagra trial
low cost viagra
viagra pill
viagra alternative
cialis tadalafil
viagra prescription
save on drugs
levitra alternative
viagra uk
cialis versus viagra
viagra substitute
viagra wholesale
lowest viagra price
cheapest viagra
levitra
oseltamivir
trial viagra
cialis compare levitra
cheap viagra uk
levitra cheap
cialis experience
blindness cialis
cialis drug
canadian cialis
mail order viagra
cialis viagra
cialis europe get
cialis vs viagra
levitra vs viagra
cialis generic
cialis generic viagra
cialis professional
levitra online
herbal viagra
cialis compare viagra
levitra buy
viagra sales
cialis tablet
viagra cialis levitra
levitra sales
cialis discount
cialis mt
cialis levitra
get viagra
levitra tablets
viagra on line
comprare viagra
viagra levitra
levitra canada
how does viagra work
viagra sales uk
cheap cialis
cialis soft
woman taking viagra
cialis pharmacy
viagra pharmacy
levitra price
cialis effects side
generic viagra
viagra for woman
cialis order
viagra side effects
viagra dosage
viagra price
canada cialis generic
cialis uk
cialis from india
viagra use
viagra soft tab
cialis open western
online levitra
buying viagra
viagra sample
discount viagra
penisole
swine influenza
cialis germany
viagra commercial
viagra mexico
buy cheap cialis
cialis online order
cialis europe viagra
cialis lilly
purchase viagra
levitra for sale
how levitra works
discount viagra online
cialis jelly
effects of viagra
viagra professional
cialis woman
cialis soft tabs
viagra 50mg
tadalafil citrate
offender viagra
cheap cialis generic
cialis purchase
buy viagra
order viagra
comprare cialis
purchase viagra online
cialis mexican
levitra professional
viagra story
levitra cost
viagra research
buy generic viagra
100mg viagra
viagra sale
affordable viagra
discount levitra
best cialis price
levitra dosage
viagra jelly
female viagra
cialis com
cialis online
viagra soft
cheap viagra online
cialis testimonials
best price viagra
cialis generic price
levitra mg
viagra and alcohol
viagra sale online
save on drugs viagra
viagra for sale
viagra soft tabs
cialis commercial
Download Movies