NSI Registers Every Domain Checked 668
An anonymous reader writes "In a developing story, registrar Network Solutions has been caught front-running domain names. Any domain names searched via NSI's whois are being immediately purchased by the registrar, thereby preventing a registrant from purchasing the domain at any other registrar. There are multiple reports of this practice over at DomainState.com." Update: 01/09 01:58 GMT by KD : shashib writes to let us know that NSI has issued a response to the accusations of front running.
Any way to... (Score:5, Interesting)
DNS and Certificate services (Score:4, Interesting)
It is appalling that so much of our security infrastructure relies on this pack of thieves.
What should be we do to correct this problem?
Perhaps a consortium of the major Internet providers could start up a new DNS system.
I'm not talking about Comcast/verizon/aol, I'm talking about Level3, Cogent, Teleglobe etc..
thoughts?
Re:Use the /. effect to make them screw themselves (Score:5, Interesting)
Who needs a script when you have the power of Slashdot?
Don't use WHOIS (Score:5, Interesting)
Whether it's NSI or some other registrar doing it, this has been a known issue for a long time. The solution is not to use WHOIS. Instead follow DNS from the root and see if it goes anywhere. E.g.:
dig the-domain-you-want.com. +traceRe:Any way to... (Score:1, Interesting)
A daemon running 24/7 would be too suspicious and almost certainly would be tagged as DoS, so probably something like a Firefox extension that makes random searches at random intervals sending words from a dictionary and/or made of random chars would be better. The Trackmenot extension does a similar task fooling search engines that tag users according to the words they search; it could be modified to do a similar thing with NSI.
Re:I always assumed they did this (Score:4, Interesting)
ICANN didn't have the balls to kill the contract a few years ago, maybe they will finally do the right thing and rid the Internet of this vile vile monster.
Re:Make it cost them ... (Score:3, Interesting)
foo.com
bar.com
foobar.com
foo: frequency 2
bar: frequency 2
oob: frequency 1
oba: frequency 1
fo: frequency 2
oo: frequency 2
ba: frequency 2
ar: frequency 2
ob: frequency 1
Now, just pick random length, say 5, and generate random strings with the weights to the random selection being the frequency. Better yet, just generate EVERY possible permutation, ordered by frequency like so:
foofo.com
foooo.com
fooba.com
fooar.com
barfo.com
baroo.com
barba.com
barar.com
fofoo.com
oofoo.com
bafoo.com
arfoo.com
fobar.com
This should generate all of the most likely-to-be-registered domains of the given length. You could do this based on, say, a few google searches, some Wikipedia articles, and some subset of DMoz. That should get you a nice collection of domain names to seed with.
Re:Any way to... (Score:3, Interesting)
individually no-one would be capable of doing it.
unless you are orchestrating/controlling a Botnet to do a DoS attack.
their efforts at NSI would they?
after all, they are already considered terrorists and have nothing to gain
a plain DoS would cost them money in lost business.
Re:Don't use WHOIS (Score:2, Interesting)
Yes, there are rare cases where you might not see a response, at which point you can go ahead and try to register the domain and perhaps fail. But most registrars throw in their own parking nameservers at registration time automatically, so it's pretty unusual to find a name that is in a registry but has no DNS records. The more likely scenario is when a domain is in HOLD status after expiring.
If you know of cases where ISPs are speculatively squatting on domains based on sniffed DNS lookups, please enlighten us. Certainly there are scenarios where even a DNS lookup could trigger squatting or tasting; after all, a GTLD server operator might be colluding. The noise level in DNS is so high, though, that they would be thrashing the TLD registries pretty heavily if they were doing this.
Call for more info (Score:5, Interesting)
I sure hope I don't take up too much of their time, because 1-800 minutes aren't cheap for them, neither is tying up their support personnel. However, if you're curious about these practices, you might want to speak with them yourself - it's your right after all.
Re:Any way to... (Score:2, Interesting)
Re:Any way to... (Score:4, Interesting)
Then when they get wise to that, and start queuing requests, checking the first N and the last N, you need a back-end loop, as well.
Re:Any way to... (Score:2, Interesting)
Domain Name: NETWORKSOLUTIONSWHORE.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS1.RESERVEDDOMAINNAME.COM
Name Server: NS2.RESERVEDDOMAINNAME.COM
Status: ok
Updated Date: 08-jan-2008
Creation Date: 08-jan-2008
Expiration Date: 08-jan-2009
Re:Any way to... (Score:4, Interesting)
Re:Any way to... (Score:3, Interesting)
True, but it'd be more fun to do it as a limerick. Or as ascii art of the NSI logo.
Worse than that... (Score:3, Interesting)
So they are DEFINITELY monetizing it, by charging more now that it has some traffic.
Well... (Score:3, Interesting)
...would you mind posting it?
Lessor of two evils? (Score:3, Interesting)
Well... hang on and think about it for a second. In a perfect world if you look up a domain it remains available. But this is not a perfect world, we have ICANN instead.
My first reaction when reading TFA was "no way. they can't be".
But I see their point. With over a hundred registrars, many of them just squatters who want to get domains for the wholesale price of $6, it does appear ot be true that if you look up a domain at NSI you are still able to purchase it.
Compare this to some other registrar where if you look it up suddenly it's sold and now you have to buy it on the secondary market which will cost you way more that a regular domain. Lessor of two evils perhaps?
How long does it take to happen? I just looked up a long silly name at NSI and fifteen mninutes later it's still availalable. Anybody else notice this?
Re:Any way to... (Score:3, Interesting)
Yeah, you guys are thinking about this the wrong way. Instead of just costing them money, figure out how you can profit from it:
Champ Mitchell is the CEO of Network Solutions, and according to this domain name which they registered, fair and square, apparently he owes me some money. I'll try to be magnanimous and settle for just one percent.
Re:Any way to... (Score:2, Interesting)
That is how you punish this sort of activity. Do they actually lose money by scooping up those checked for domain names? Maybe, I'm not so sure that's the case.
But I do know that by moving domains from them they do lose hard $$.
Re:Can't be ALL of them. (Score:3, Interesting)
www.hitler-had-only-one-ball.com,
Tried on godaddy, showed up as open.
Same on NS, showed up as blank.
Went back to Godaddy, clicked it again, "DOMAIN TAKEN"
Whois shows it up as;
Domain Name: HITLER-HAD-ONLY-ONE-BALL.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com/ [networksolutions.com]
Name Server: NS1.RESERVEDDOMAINNAME.COM
Name Server: NS2.RESERVEDDOMAINNAME.COM
Status: ok
Updated Date: 08-jan-2008
Creation Date: 08-jan-2008
Expiration Date: 08-jan-2009
Within seconds of having it hit.
As for the "domain tasting" drop after $n days, why not just 're-search' for it, after 3 days, so it stays registered until it costs them money?
Re:PR response from NSI (Score:3, Interesting)
Awesome. So the Slashdotting the system got today should cause all manner of pain for sleazebags who watch for whois deletions and snap up the domains. That rocks. Now we can annoy dozens of horrible, evil companies with the ethics of a turnip just by making a single query! Couldn't happen to a nicer bunch of dirtbags.
The only question that remains, then, is how can the slashdot community convince the link farmers to purchase as many of these worthless domains as possible so that when nobody ever visits any of them again, they lose lots of money?
Suggestions?
NSI doing Creative Commons Abuse, too! (Score:4, Interesting)
I Just followed the link to uselessdomain0001.com [uselessdomain0001.com]. Check out the blue globe logo at the top.. now check out this CC licensed SVG image on Wikipedia: Applications-internet.svg [wikipedia.org]. Looks like someone "accidentally" forgot to include the Creative Commons Share Alike license on that page.. hmmmm.
I think it's pretty obvious that NSI is just a scummy company, through and through.
P.S. If uselessdomain0001.com has changed by the time you read this, just check out uselessdomain0002.com or any other similarly tasted domain.
Re:Any way to... (Score:2, Interesting)
wget --post-data='TLDs=.com&domainNames=networksolutionssuckass&method-submit=method-submit&Search=/domain-name-registration/domain-name-search-results.jsp¤tPage=/home.jsp;jsessionid=5e337df9d98b6ffffffffc065d3ac7937db7:+cjA?layoutIdIndex=1&formTargetPage=/domain-name-registration/index.jsp' http://www.networksolutions.com/domainSearch.do;jsessionid=5e337df9d98b6ffffffffc065d3ac7937db7:+cjA
Let's hope for a class action lawsuit with punitive damages for every domain that they've squatted. That script could be a millionaire...
Re:Any way to... (Score:3, Interesting)
This will cause a random distributed load and make it very hard to track if the requests are valid or not. Especially if a JavaScript timer is used to allow for a delay between each request, which will cause the request to look like it's an ordinary user doing it.