Mexico Registries Registrars Abuse Domains 030309
-
Upload
glenn-mcknight -
Category
News & Politics
-
view
541 -
download
2
description
Transcript of Mexico Registries Registrars Abuse Domains 030309
![Page 1: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/1.jpg)
3 March 2009
Rudi Vansnick – ISOC Belgium/EURALOGarth Bruen – Knujon.com / NARALO
Registries, Registrars and abuse of domains
![Page 2: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/2.jpg)
3 March 2009
Program1. Introduction2. Role of Registries and Registrars3. Some abuses in .be4. Abuse of domains: samples5. Some practical cases6. Mission and Goals7. Questions and Answers
![Page 3: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/3.jpg)
3 March 2009
ICANNInternet Corporation for Assigned Names and Numbers
Registries
Acc. RegistrarsAgents
Registrant / licensee
gTLD's ccTLD's
Role of Registries & Registrars
![Page 4: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/4.jpg)
3 March 2009
Some abuses in .be
![Page 5: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/5.jpg)
3 March 2009
Some abuses in .be
![Page 6: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/6.jpg)
3 March 2009
Some abuses in .be
![Page 7: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/7.jpg)
3 March 2009
Some abuses in .be
![Page 8: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/8.jpg)
3 March 2009
Some abuses in .be
![Page 9: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/9.jpg)
3 March 2009
Some abuses in .be
![Page 10: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/10.jpg)
3 March 2009
Registrars: Basic Issues and Concerns
Lack of transparency and accountabilityReseller abuseTypo squat as selling point?Lack of registrant verificationArbitrary policy enforcementFlouting the local lawBlocking access to WhoisFailure to comply with current RAAFalse SuspensionsccTLD abuseBulk Registrations with bad dataGateway for spam and abuse
![Page 11: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/11.jpg)
3 March 2009
Registrars as Gatekeepers
![Page 12: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/12.jpg)
3 March 2009
Registrars as GatekeepersWHOIS forgery has created a massive new
class of completely unknown persons engaged in illicit traffic
If Registrars are network administrators they have failed massively to validate who accesses the network
We need metrics and follow-up appealAre drug traffickers, counterfeiters, software
pirates, and money launders the Registrar’s biggest customers?
![Page 13: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/13.jpg)
3 March 2009
E-Crime Infrastructure (as it concerns Registrars)
![Page 14: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/14.jpg)
3 March 2009
Unknown Influence Often Illicit Drug Traffic
![Page 15: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/15.jpg)
3 March 2009
What else? – All Profit-Driven• Money launderingSoftware PiracyCounterfeit Consumer GoodsDomain Inflation
Phishing/IntrusionsEmployment ScamsProstitution
![Page 16: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/16.jpg)
3 March 2009
Illicit E-Pharma ManifestoRecently obtained and translated “how to” guide for rogue
pharmaciesCasually references ease of bulk RegisteringDirects associates to ICANN websiteStates some Registrars more cooperative than others
![Page 17: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/17.jpg)
3 March 2009
Obfuscated RegistrarsMail drop addresses and
“brass plate” business registrations
Dozens of Registrars not disclosing real address or even country of location
OnlineNIC is current concern
Missing language from RAA
![Page 18: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/18.jpg)
3 March 2009
Where do domain-related fraud profits go?
Consumers in wealthier countries purchase illicit products online
Money often goes to unsavory characters in poorer countries
Poisonous, substandard and fake products are shipped to consumers, injury occurs
General citizens in poorer countries do not benefit
![Page 19: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/19.jpg)
3 March 2009
WHOIS Fraud and Illicit DomainsForged WHOIS Records: ASDFBlank WHOIS RecordsNon-Existent WHOIS RecordsFalse suspension reportsRegistrars can and should preventSecurity community will helpWe have solutions that will not disrupt or
burden Registrars or ICANN
![Page 20: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/20.jpg)
3 March 2009
ASDFASDF is the first four
characters on the second row a standard QWERTY keyboard
Thousands of illicit web pharmacies are registered with this obviously bogus information
Many more examples are subtle but just as preventable at the point of registration
![Page 21: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/21.jpg)
3 March 2009
Blank WHOIS Records and Illicit Domains WHOIS DATA AS OF 2008/08/01
01:15:01 REGISTRAR WHOIS: REGISTRY WHOIS: Whois Server Version 2.0 Domain Name: GEHRUEELS.COM
Registrar: XIN NET TECHNOLOGY CORPORATION Whois Server: whois.paycenter.com.cn Referral URL: http://www.xinnet.com Name Server: NS1.VOBIUTE.COM Name Server: NS2.VOBIUTE.COM Status: ok Updated Date: 18-feb-2008 Creation Date: 18-feb-2008 Expiration Date: 18-feb-2009
![Page 22: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/22.jpg)
3 March 2009
Non-existent WHOIS Records and Illicit Domains
Spammed domain with no WHOIS record redirects to unlicensed pharmacy
![Page 23: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/23.jpg)
3 March 2009
False suspension reportsDomain Name: AMERICANPERFECTMEDS.COM Registrant: Directi False Whois Suspended Account Directi False Whois Suspended Account ([email protected]) This Domain is Suspended Due to inaccurate Whois Contact Support Desk null,0000 US Tel. +00.0000
*Directi has corrected – cited reseller abuse
![Page 24: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/24.jpg)
3 March 2009
Some Practical CasesRegister.comXin NetOnlineNICParavaNet eNom
![Page 25: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/25.jpg)
3 March 2009
Register.com8771 Junk Domains
Touting Phantom Cash Offers
144 Fake Companies Registering Domains
46,183 Spam emails to consumers
![Page 26: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/26.jpg)
3 March 2009
Xin Net34,284 Illicit Domains
with false Whois records1,763,014 Recorded
spam messagesReported invalid
domains still upMostly rogue
pharmacies
![Page 27: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/27.jpg)
3 March 2009
eNomDomain InflationSpammed domains are for saleTraffic in names artificially raises bidding
prices
![Page 28: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/28.jpg)
3 March 2009
OnlineNic: Where are you?Assumed to be in
China, professes to be in United States
Fake PharmaciesSoftware PiracyGeneral dishonesty
and obfuscation hurts accountability and transparency
![Page 29: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/29.jpg)
3 March 2009
ParavaNet: Where are you?From this morning:
Registrant: Parava Networks Networks Parava [email protected] Westheimer Rd. Ste 1585 Houston 77056 US Domain Name: parava.net
From July, 2008:
*Issued Breach Notice on Friday
![Page 30: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/30.jpg)
3 March 2009
Mission and GoalsFix the Policy Loopholes (RAA)Support the PolicyEnforce the PolicyUpgrade of WDPRSWe propose building mechanisms to solve
these problems…Other “good” stuff
![Page 31: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/31.jpg)
3 March 2009
Our Job as Policy DevelopersThe consequences of
not implementing good policy are permissive; the consequences of implementing bad policy are destructive.
![Page 32: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/32.jpg)
3 March 2009
Make Internet Abuse Policy Enforcement User Friendly
End users do not know where to start when abused
“Headers”, “IP,” “ASN”, etc. are foreign words ordinary users
Adopt simple methods for handling unwanted traffic
Create provider standards and guidelines
![Page 33: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/33.jpg)
3 March 2009
Help Consumers Navigate Bureaucracy
Consumer inclusion in policy is controversial
Instead, build avenues to express grievances that generate trust
![Page 34: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/34.jpg)
3 March 2009
Data not junk
![Page 35: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/35.jpg)
3 March 2009
“good” stuffBreach notices work: Joker and Beijing Net
have made considerable improvementsEnforcement has impact: EstDomains closure
has had domino-effect on cybercrimeSmall loopholes = big problems – but fixing
small holes has fantastic results! Strengthening RAA will solve large portions of the problem
![Page 36: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/36.jpg)
3 March 2009
Purpose of Internet?Communication and Trade?Not created so registrants could talk to each
otherNot a “closed” circuit for industry-onlyIt’s open so consumers can participate and
industry can profit – neither exists without the other
Adding consumer advocacy layer does not threaten current model
Future Internet could include every consumer as a “registrant”
![Page 37: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/37.jpg)
3 March 2009
Upgrade of WDPRSWHOIS Data Problem
Report SystemCritical tool for
addressing fraud and abuse
Created in 2002 but not upgraded since!
Rapid expansion of the Internet needs expanded enforcement resources
New WDPRS will help, but more tools needed…
![Page 38: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/38.jpg)
3 March 2009
Why ICANN Should “Address” Spam
ICANN clearly is not responsible for spamShould not be a “front-end” abuse handler –
not practical from functional standpointDetermining what spam is is difficult – “I
know it when I see it” However, ICANN should develop an overall
policy to aggressively address conditions that enable spam from within the mandate.
![Page 39: Mexico Registries Registrars Abuse Domains 030309](https://reader033.fdocuments.us/reader033/viewer/2022051514/548e0624b47959686c8b47fc/html5/thumbnails/39.jpg)
3 March 2009
Questions and Answers
This is your time…