[GTER] ICANN reforming the WHOIS database - Network World
Marcelo Savio
marcelo_savio at optiglobe.com.br
Fri Jun 27 14:18:26 -03 2003
NETWORK WORLD NEWSLETTER - 06/26/03
Today's focus: ICANN reforming the WHOIS database
By M. E. Kabay
In fighting spam and other forms of Internet and e-mail abuse,
many defenders of the 'Net have noticed that the worst offenders
often include obviously false information in their WHOIS
database entries. The WHOIS database records the contact
information for each registered domain in the DNS.
In my attacks on originators of spam, I've often seen the phone
number (nnn) 555-1212 (where nnn is an area code) supplied as
the contact point; addresses such as "12345 Street Road" with
bogus ZIP codes; real-looking phone numbers that turn out to be
nonexistent or disconnected; and countless e-mail addresses that
bounce like the walls in a squash court.
The Internet Corporation for Assigned Names and Numbers (ICANN)
regulates the administrative infrastructure of the Internet. In
March, the board of directors voted to accept four important
recommendations from the Generic Names Supporting Organization
Council to maintain the integrity of information in the WHOIS
database.
Here are the recommendations:
"1. Accuracy of WHOIS Data.
"A. At least annually, a registrar must present to the
Registrant the current WHOIS information, and remind the
registrant that provision of false WHOIS information can be
grounds for cancellation of their domain name registration.
Registrants must review their WHOIS data, and make any
corrections.
"B. When registrations are deleted on the basis of submission of
false contact data or non-response to registrar inquiries,
the redemption grace period - once implemented - should be
applied. However, the redeemed domain name should be placed
in registrar hold status until the registrant has provided
updated WHOIS information to the registrar-of-record.
"2. Bulk Access to WHOIS Data.
"A. Use of bulk access WHOIS data for marketing should not be
permitted. The Task Force therefore recommends that the
obligations contained in the relevant provisions of the RAA
be modified to eliminate the use of bulk access WHOIS data
for marketing purposes...
"B. Section 3.3.6.5 of the Registrar Accreditation Agreement
currently describes an optional clause of registrars' bulk
access agreements, which disallows further resale or
redistribution of bulk WHOIS data by data users. The use of
this clause shall be made mandatory."
In addition, the recommendations strongly support development of
"a reliable contact point to receive and act upon reports of
false WHOIS data." The recommendation continued, "ICANN should
encourage registrars to (i) provide training for these contact
points in the handling of such reports, and (ii) require
re-sellers of registration services to identify and train
similar contacts."
These measures will help to fight the scourge of spam by
shutting down entire domains run by dishonest people. They will
also inadvertently shut down perfectly legitimate domains whose
owners are too disorganized to keep their information up to
date. If you run a business that depends on the existence of
your own domain (e.g., for your own Web site or to send and
receive important e-mail), you had better put proper measures
into place to ensure that a named individual (and a backup
person) are explicitly responsible for keeping the WHOIS
database correctly updated (and your DNS registration fees paid
on time) or you might suffer a self-imposed denial of service.
Lastly, as you consider how to comply with these regulations and
update your own registration information, keep one other factor
in mind: no one has asked you to provide information that would
permit easy social engineering. For example, you don't have to
provide the exact name of the person(s) who will be the
administrative contact and the technical contact; instead, you
can give a title (e.g., Hostmaster) and an accurate and working,
but generic e-mail address such as <mailto:hostmaster at domain.tld>.
The additional benefit of such a system is that you control where
e-mail directed to this address ends up; this flexibility means
you don't have to update the WHOIS database every time you
reassign responsibility for the domain to another employee.
For the same reasons, the phone number can be the switchboard
rather than a specific extension, thus allowing you to direct
calls to the right person without giving away valuable internal
information that might support a criminal hacker's attempts to
spoof someone's identity.
RELATED EDITORIAL LINKS
ICANN
http://www.icann.org/
Minutes of Meeting of the Board of Directors of ICANN, March 27
http://www.icann.org/minutes/minutes-27mar03.htm
Security appliance adds P-to-P controls
Network World, 06/23/03
http://www.nwfusion.com/news/2003/0623tipping.html
_______________________________________________________________
To contact: M. E. Kabay
NEW! 18-month online Master of Science in Information Assurance
offered by Norwich University <http://www3.norwich.edu/msia>.
Look for the "Computer Security Handbook, 4th Edition" edited by
Seymour Bosworth and Michel E. Kabay; Wiley (New York), ISBN
0-4714-1258-9.
Available now at your technical bookstore or from Amazon
<http://www.amazon.com/exec/obidos/ASIN/0471412589/tag=fusion0e>.
M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Department of Computer Information Systems at Norwich University
in Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay at norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.
_______________________________________________________________
ARCHIVE LINKS
Archive of the Security newsletter:
http://www.nwfusion.com/newsletters/sec/index.html
Breaking security news:
http://www.nwfusion.com/topics/security.html
_______________________________________________________________
SECURITY, VIRUS & BUG, SECURITY ALERT AND ALL OTHERS
"Interview with the Spammer" - An audio webcast sponsored by
Network World and IntelliReach on Wednesday, June 25, 2003,
12:00 PM EST. This event will give you exclusive insight into
the mindset and tactics of the most notorious spammers in the
world. Register now at
http://www.fattail.com/redir/redirect.asp?CID=29597
_______________________________________________________________
FEATURED READER RESOURCE
CASE STUDIES Fully understand the challenges and the environment
facing network IT professionals like yourself; and how solutions
and products they implemented solved these technology
challenges.
http://www.nwfusion.com/productcentral/casestudies.html?sort=1
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
http://www.nwwsubscribe.com/Changes.aspx
To unsubscribe from promotional e-mail go to:
http://www.nwwsubscribe.com/Preferences.aspx
To change your e-mail address, go to:
http://www.nwwsubscribe.com/ChangeMail.aspx
Subscription questions? Contact Customer Service by replying to
this message.
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: mailto:jcaruso at nww.com
For advertising information, write Alonna Doucette, V.P. of
Online Development, at: mailto:sponsorships at nwfusion.com
Copyright Network World, Inc., 2003
------------------------
More information about the gter
mailing list