[77021] in North American Network Operators' Group
Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet
daemon@ATHENA.MIT.EDU (Nils Ketelsen)
Tue Jan 11 09:31:06 2005
Date: Tue, 11 Jan 2005 09:29:58 -0500
From: Nils Ketelsen <nils.ketelsen@kuehne-nagel.com>
To: nanog@nanog.org
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <OF2D2C1806.D6CB7511-ON80256F86.00379403-80256F86.00384448@radianz.com>; from Michael.Dillon@radianz.com on Tue, Jan 11, 2005 at 10:14:35AM +0000
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, Jan 11, 2005 at 10:14:35AM +0000, Michael.Dillon@radianz.com wrote:
> > But as article specifically mentions sending during the night and
> > registration next morning that does seem to indicate eweek found out
> > about "no whois" but with already registered domain, i.e. see
> Could they simply be referring to the technique of
> sending spam at night with a URL to a non-existent
> domain? When everyone's NOC sees the spam for the first
> time and tries to get the website shut down, it's not there.
> Tickets are closed, and many people think someone else
> already had the site taken down.
I was always interested to see how many people are
actually falling for these Spam messages. Did anybody here ever try to
register such a domain, after the mass mailing started but
before the spammer registers it? Just put a dummy page there and
then throw the access.log into a bunch of loganalyzers after a few days.
Nils
