Featured Blogs

Latest

Something’s Cooking at IETF with Email Authentication

A few months ago, Ted Hardie (AD of Applications for the IETF) informed the MARID WG in the closure announcement as follows: "Given the importance of the world-wide email and DNS systems, it is critical that IETF-sponsored experimental proposals likely to see broad deployment contain no mechanisms that would have deleterious effects on the overall system. The Area Directors intend, therefore, to request that the experimental proposals be reviewed by a focused technology directorate..." more

.NET Bid Contenders

Yesterday was the deadline for the submissions of responses to the .NET re-bid RFP. As of my last count, there are five companies that I am aware of that submitted proposals for the .NET rebid. Three of these were quite publicly announced, Afilias, Denic, and Verisign. The other two bidders are Multi-Stakeholder groups. Sentan and Core++. Sentan appears to be a Joint Venture between .jp and Neulevel, and Core++ is ISC, Telfonica, and .br, with participation from Core, Nida (.kr), and .zaDNA (.za). more

Closer Look at Domain Name Transfer Policy and the Hijacking of Panix.com

Given the recent panix.com hijacking, I will give an outline of the current ICANN transfers process for gtlds. In the case of panix.com, evidence so far indicates that a third party that holds an account with a reseller of Melbourne IT, fraudulently initiated the transfer. The third party appears to have used stolen credit cards to establish this account and pay for the transfer. That reseller is analyzing its logs and cooperating with law enforcement. more

Preventing A New World Internet Order

If anyone needs another reason why the UN should not be in charge of the internet, they need look no further than the upcoming UNESCO conference on "Freedom of Expression in Cyberspace." The United Nations Education Scientific and Cultural Organization conference will discuss "whether universal free expression standards should be applied to the Internet and how free expression can be protected while respecting individual privacy, national laws and cultural differences." The conference is being held in preparation for the second phase of the UN's World Summit on the Information Society (WSIS)." more

Customer Service is Law: The Panix Story

The NANOG list yesterday was the virtual equivalent of a nearby nocturnal car alarm: "panix.com has been hijacked!" (whoo-WEE, whoo-WEE); "those jerks at VeriSign!" (duhhhhh-WHEEP, duhhhh-WHEEP); "no one's home at Melbourne IT!" (HANK, HANK, HANK, HANK). Finally, on Monday morning in Australia, the always-competent and helpful Bruce Tonkin calmly fixed the situation. So the rest of us can get some sleep now. But as we nod off in the quietness, let's consider just exactly what happened here. more

Hijacking of Panix.com: A Call for An Emergency Rollback Procedure

There's a thread on NANOG to the effect that Panix, the oldest commercial Internet provider in New York, had its domain name 'panix.com' hijacked from Dotster over to MelbourneIT and it has pretty well taken panix.com and its customers offline. Looks like this may be among the first high-profile unauthorized transfer under the new transfer policy. It begs the question, despite the existence of the dispute policy under the new system, what provisions should there be for a situation like this where every hour causes untold damage to the party in question... more

Creating a Police State From the Ashes of the Internet

Former CIA Director, George J. Tenet recently called for measures to safeguard the United States against internet-enabled attacks. "I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability, but ultimately the Wild West must give way to governance and control." Mr. Tenet seems about as confused about the internet as the ITU... more

Where Did the .ORG Money Go?

A friend pointed me to the latest Internet Society budget for 2005 :- ISOC is expecting PIR (ie, .ORG) to contribute 3.4M to the society! Wow, thats 2-3x as much as what Internet Society gets from its membership! I think that's pretty neat because ISOC has been in the red for many years and could certainly use some help financially. After all, it is hosting IETF and also paying for the IANA registry and RFC-Editors, all of which is critical to the Internet standardization process... more

Survey Predicts Attacks on the Network Infrastructure Within 10 Years

Pew Internet Project has released a report called "The Future of the Internet" based on a recently conducted survey where 1,286 internet experts are said to have looked at the future impact of the internet and assessed predictions about how technology and society will unfold. The following is and excerpt from the report predicting at least one devastating attack will occur in the next 10 years on the networked information infrastructure or the United States power grid. more

OMB Focuses On Cybersecurity

Ensuring federal cybersecurity is essential to protecting national security. According to some media reports, recommendations have been made to the Bush Administration to "create a distinct administrative cybersecurity position within the Homeland Security Department to oversee progress in the federal government and act as a liaison with private industry." However, before new bureaucracy is created, it is important to recognize the practical cybersecurity policies and projects that are already being undertaken by the Administration. more

A Year of CAN SPAM

The CAN SPAM Act of 2003 went into effect a year ago on Jan 1, 2004. As of that date, spam suddenly stopped, e-mail was once again easy and pleasant to use, and Internet users had one less problem to worry about. Oh, that didn't happen? What went wrong? more

Reforming Whois

Now that we're into the New Year and deadline for public comment on the proposed new .CA whois policy nears and now that my term as a CIRA Director enters its home stretch, I wanted to take some time to elaborate further on my Unsanctioned Whois Concepts post from long ago and revise it somewhat. more

Person to Person Security and Privacy Infringement

IT security strategies invariably focus on maintaining impenetrable fortresses around computers and network systems. Firewalls, virtual private networks and anti-virus programs are the tools IT engineers use to create their digital security. Sophisticated defense systems can be very effective at keeping the obvious attackers at bay, yet they often create a false sense of security because the real attacks, the kind that inflict irreparable damage on a system or network, avoid the obvious routes into the secure fortress. more

Tracking Internet Piracy: Harder Than You Think

Wired Magazine recently published an article called "The Shadow Internet", where it says: "Anathema is a so-called topsite, one of 30 or so underground, highly secretive servers where nearly all of the unlicensed music, movies, and videogames available on the Internet originate. Outside of a pirate elite and the Feds who track them, few know that topsites exist. Even fewer can log in." But what are the difficulties in tracking and identifying these so-called topsites? Joel Snyder, a senior network consultant responds. more

2004: The Year That Promised Email Authentication

As the year comes to a close, it is important to reflect on what has been one of the major actions in the anti-spam arena this year: the quest for email authentication. With email often called the "killer app" of the Internet, it is important to reflect on any major changes proposed, or implemented that can affect that basic tool that many of us have become to rely on in our daily lives. And, while many of the debates involved myriads of specialized mailing lists, standards organizations, conferences and even some government agencies, it is important for the free and open source software (FOSS) community as well as the Internet community at large, to analyze and learn lessons from the events surrounding email authentication in 2004. more

Topics

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

DNS

Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days