Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
A World-Renowned Source for Internet Developments. Serving Since 2002.
Thank your for this study, which made some interesting reading. Identifying abusive registrations before they can be used is certainly the ideal situation, however it is not as easy as you make it out to be.
Many registrar do not have access to the excellent data points that the report indicates are in our possession. As significant portions of the registrations are transacted through third parties, many registrars never see the payment details, source IPs or purchase histories of individual registrants for a majority of their registrations.
I have doubts about the usefulness of whois data for identifying abusive domain names. Over the past years, our own experience has shown that a vast majority of malicious registrations reported to us actually have the best quality of registration data as this data was freshly harvested from one of the many data lists out there.
Many contracted parties do use feeds to detect abusive domains, but some of the providers are less then helpful as they do not show their work, e.g. they list a domain as abusive but will not provide evidence of how that conclusion was reached. This increases the risk of taking action against a false positive.
One of the best and safest methods we do have at our disposal is to take proactive action based on reactive action already taken. By looking for common characteristics amongst other domains that match those of an already identified domain, we often detect domains likely to be used in an abusive manner before they become active.