[96785] in North American Network Operators' Group
Re: Interesting new dns failures
daemon@ATHENA.MIT.EDU (John LaCour)
Thu May 24 18:05:34 2007
Date: Thu, 24 May 2007 15:04:41 -0700
From: "John LaCour" <johnlacour@gmail.com>
To: "Suresh Ramasubramanian" <ops.lists@gmail.com>
Cc: "David Ulevitch" <davidu@everydns.net>,
"Douglas Otis" <dotis@mail-abuse.org>,
"Gadi Evron" <ge@linuxbox.org>,
"Chris L. Morrow" <christopher.morrow@verizonbusiness.com>,
nanog@merit.edu
In-Reply-To: <bb0e440a0705240013h3be25d21xd6039593ce3ac38c@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
On 5/24/07, Suresh Ramasubramanian <ops.lists@gmail.com> wrote:
>
> On 5/24/07, David Ulevitch <davidu@everydns.net> wrote:
>
> > Again, good idea, but doesn't belong in the core. If I register a
> > domain, it should be live immediately, not after some 5 day waiting
> > period. On the same token, if you want to track new domains and not
> > accept any email from me until my domain is 5 days old, go for it. Your
> > prerogative.
>
> Well then - all you need is to have some way to convince registrars
> take down scammer domains fast.
>
> Some of them do. Others dont know (several in asia) or are aware and
> dont care - theres some in russia, some stateside that mostly kite
> domains but dont mind registering a ton of blog and email spammer
> domains.
I'm late to this party... Unresponsive registries and registrars is
a huge problem wrt phishing. I am aware of at least 4 domains off
the top of my head that are used exclusively for phishing which have
been up for over a month since being reported to the registry and
registrar.
The Anti Phishing Working group has a committee working on educating
these reg folks and my own employer is spending significant money at
the next ICANN meeting to do the same.
If you're an network operator and you'd consider null routing IPs
associated with nameservers used only by phishers, please let me know
and we'll be happy to provide the appropriate evidence.
-John
