/ Most Viewed

Trusted Notifiers and the Future of DNS Abuse

Apr 27, 2021

Efforts have been ongoing in the ICANN community to develop a better understanding of its role in the combat of abuse. This theme has been rising in prominence every year since 2018, and 2021 appears to be the tipping point, in which consensus has built around the idea that more can be accomplished in terms of reducing the impact of rogue actors using the Internet for malicious purposes. more

Continued Threats from Malware

Sep 17, 2018

As part of my job, I manage an incident response team that was engaged by a significant organization in Georgia whose network was infected by the QBOT (a.k.a. QAKBOT) malware. The customer had been infected for over a year, several teams before ours had failed to solve the problem, and they continued to get reinfected by the malware when they thought they had eradicated it. Over time it had spread to more than 1,000 computers in their ecosystem stealing user credentials along the way. more

How a Routing Prefix Travels Through the Internet

Feb 14, 2011

What happens when an IP address prefix gets announced or withdrawn. How does this information propagate through the Internet? And how does it affect the amount of Border Gateway Protocol (BGP) traffic across the Internet when a single prefix is freshly announced or withdrawn from the global routing table? The following short analysis shows the detailed effects of these two events. more

Paul Vixie in Response to Site Finder Controversy

Sep 17, 2003

As a domain holder myself (of vix.com), I would not have chosen ".com" for my parent domain name back in 1988 had there been a wildcard domain name [that activates Site Finder service] under ".com". The risk of someone attempting to reach me but ending up talking to someone else instead would have been seen as "too great". I am now searching for a new parent domain whose publisher will guarantee me, in perpetuity, that there will be no wildcard name as there now is in "com". more

Did ICANN Over Regulate VeriSign?

Mar 24, 2004

CircleID recently interviewed Jonathan Weinberg, Professor of Law at Wayne State University to discuss legal and regulatory issues that have been raised against Internet Corporation For Assigned Names and Numbers (ICANN). VeriSign, the registry operator of the two most popular top-level domains .com and .net, filed a lawsuit against ICANN on February 26, 2004 complaining that the Internet regulatory body has extended "its authority beyond the scope of its contracts". Did ICANN cross its contractual boundaries? To what extent does ICANN's contract limit its technical coordination functions and how much of a threat does VeriSign's lawsuit impose? Jonathan Weinberg explains... more

Security and Fort N.O.C.‘s

Jan 22, 2004

In an article by MSNBC called "Fort N.O.C.'s" [Network Operating Center] Brock N. Meeks reports: "The unassuming building that houses the "A" root sits in a cluster of three others; the architecture looks as if it were lifted directly from a free clip art library. No signs or markers give a hint that the Internet's most precious computer is inside humming happily away in a hermetically sealed room. This building complex could be any of a 100,000 mini office parks littering middle class America." ...It is hardly the "most precious computer"!!!  more

UDRP Dilemma In Proving Bad-Faith Domain Registrations - Part I

Jun 20, 2003

The purpose of the Uniform Dispute Resolution Policy, known as the UDRP (hereafter the Policy), is to determine disputes relating to the registration or acquisition of domain names in bad faith. Under the Policy, the complainant must establish that (i) the disputed domain name is identical with or confusingly similar to a trademark or service mark in which the complainant has rights; (ii) the domain name registrant has no right or legitimate interest in respect of the domain name; and (iii) the domain name was registered and is being used in bad faith.

Whilst requirements (i) and (ii), at first glance, do not appear difficult to meet, it is not the same with requirement (iii). In fact, a serious problem arises for the complainant when a registrant has registered domain names in bulk, but has not used them i.e. they have not been resolved to any active website. more

Sponsored TLD Unnecessary? Ron Andruff Responds to Forrester Research

Feb 23, 2006

A recent report released by Forrester Research last week has put the .travel sponsored top-level domain under the microscope -- calling the sTLD "Nice, But Not Necessary". Although this 4-page report (sold for US$49.00) has singled out the .travel domain, its critical arguments might very well apply to the nature of most sponsored top-level domains currently in existence -- or under review: '.mobi', '.jobs', '.museum', '.coop', '.xxx' and others. CircleID has invited Ron Andruff, President and CEO of Tralliance, the registry for .travel, to respond to arguments made in this report. more

An Institute to Combat DNS Abuse

Feb 17, 2021

Over the last few years, it's become clear that abuse of the Domain Name System -- whether in the form of malware, botnets, phishing, pharming, or spam -- threatens to undermine trust in the Internet. At Public Interest Registry, we believe that every new .ORG makes the world a better place. That means anything that gets in the way of that is a threat, and that includes DNS Abuse. more

An Update on IPv6

Jun 22, 2015

In the coming weeks another Regional Internet Registry will reach into its inventory of available IPv4 addresses to hand out and it will find that there is nothing left. This is by no means a surprise, and the depletion of IPv4 addresses in the Internet could be seen as one of the longest slow motion train wrecks in history. The IANA exhausted its remaining pool of unallocated IPv4 addresses over four years ago in early 2011, and since then we've seen the exhaustion of the address pools in the Asia Pacific region in April 2011, in the European and the Middle Eastern region in September 2012, in Latin America and the Caribbean in May 2014 and now it's ARIN's turn... more

Rhetorical Questions on IDN TLD Approaches

Oct 31, 2006

With the IGF underway, there's a lot of discussion surrounding Internationalized Domain Names (IDN). There has been lots of great progress in IDN technology with IE7 and Firefox browsers now fully IDN-Aware, strong IDN registrations and websites behind them. Now that many of the hurdles to implementation have been addressed to where the technology is either currently available to most internet users, or shall be soon, we now focus to the other aspects of IDN... more

An Unsanctioned Whois Database

Nov 05, 2003

Mark Jeftovic of easyDNS Technologies Inc. has posted an item on ICANN's "GNSO" registrars' mailing list titled "unsanctioned Whois concepts". In that item he suggests that the control and actual publication of contact information about a domain be put into the zone file itself, a file maintained by the registrant (purchasor) of the domain name. more

ICANN Registrar Stakeholder Group Leadership Handover

Jun 30, 2020

The ICANN Registrar Stakeholder Group (RrSG) is one of several stakeholder groups within the ICANN community and is the representative body of ICANN accredited domain name registrars. It is a diverse and active group that works to ensure the interests of registrars and their customers are effectively advanced. The leadership team (ExCom) consists of five officers who manage the Registrar Stakeholder Group. more

Pirate Bay Co-Founder Goes Public with Alternate P2P-Based DNS Project

Nov 30, 2010

A group led by former Pirate Bay co-founder Peter Sunde is forming to develop a peer-to-peer-based alternative to today's ICANN-controlled DNS system, according to a blog posted on Tuesday. A tweet on Sunde's account dated Nov 28 said: "Alternative dns root is step 1. Step 2 is the new DNS system that is in the making. It's not advanced, it's p2p and more secure." The tweet has generated a fair amount of interest according to Sunde who has written a follow up post on a blog called "P2P DNS". more

The Politics of Email Authentication, 2006 Edition

Jan 05, 2006

A student at a well-known US university wrote me and asked whether, given the huge national interest in getting the industry to unite behind (at least) one format, did I think that the FTC should've played a stronger role in pushing the industry to adopt an authentication format? I said: Nope. Part of the reason it's taking so long to agree on a standard is that the process is infested with academic theoreticians who are more interested in arguing about hypotheticals and pushing their pet spam solutions than in doing something useful... more

Industry Updates

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

NIS2 and Its Implications for Global Brands

  • By CSC
  • Jul 05, 2024

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

IPv4.Global Commits to Keep Ukraine Connected

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Subdomain Hijacking in the News Again - What is It?

  • By CSC
  • May 20, 2024

Looking for More Signs of Nitrogen in the DNS

Thoughts on RDRS for Brand Owners

  • By CSC
  • May 13, 2024

Unraveling the World of Security Data Aggregation

View More