[SWLUG] Domain abuse any examples?

Telsa Gwynne hobbit at aloss.ukuu.org.uk
Mon Jul 10 06:42:39 UTC 2006


Ar Sat, Jul 08, 2006 at 05:01:58PM +0100, ysgrifennodd Neil Jones:
> I am attempting to warn a  charity for whom I volunteer about the
> dangers of letting their web hosting company hold the registration of
> their web domain. The dangers are obvious and I already have an example
> where an organisation has lost their domains as a result of company
> bankruptcy. 

There are supposed to be procedures for getting (some) domains back
(in some circumstances at least). If you have a trademark (and its the 
name in the domain), for example, you're in a good position. Poking 
around for information, I also found this: 

  My host has gone bust

  Gone are the days when a host would wield terrifying power over a 
  lowly webmaster. If your host goes under, you can rescue your domain 
  and get it up and running again without the host's cooperation.

  "The first thing is that you must do something," urges Nominet MD 
  Lesley Cowley. "If you do nothing, you'll possibly lose your domain 
  name and the whole website. Find out what's happening, whether it's 
  a technical problem or your ISP has gone into liquidation. If it's 
  gone into liquidation, find a new ISP and move your business there."

  If you have a .co.uk domain and it's registered in your name, Nominet 
  can transfer it if the old host refuses or is unavailable. Expect to 
  pay £15+VAT for this service. 

..at http://www.sean.co.uk/a/webdesign/disasterrecovery/disaster1.shtm

Now, whether a voluntary organisation or a charity will be a .co.uk,
I don't know. 

I thought it would be easy to find examples, but all the examples of
domain name hijack I can find turn out to be either "someone let the
registration lapse, and someone else grabbed it" (and only rarely is
the someone a web hosting company); or "a deliberate attack was made
by someone". 

I haven't found an example of the web hosting company itself losing 
the domain. Set against all the other things which can happen online,
I am not sure how serious an issue it is. 

ICANN did a report called "Domain name hijacking: incidents, threats,
risks and remedial actions" last year. It covers a bunch of high-
profile examples (remember Panix, the New York ISP, and the Australian
"but someone told us it was theirs now!" registrar?) and has an
interesting list of how some were achieved. One of them (not Panix) was 
straight social engineering on the telephone. 

The PDF is at www.icann.org/announcements/hijacking-report-12jul05.pdf
Google has an HTML cache: feed it the title and it's the first hit.

Telsa



More information about the Swlug mailing list