Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
The Internet

NSI closes top level Domain Servers 77

Cris writes "Looks like NSI is closing access to all it's top level domain servers, except for people that "need access." This is allegedly a way to eliminate spamming, but they've denied access to many companies which depend on these servers for their businesses. "
This discussion has been archived. No new comments can be posted.

NSI closes top level Domain Servers

Comments Filter:
  • The trick would be to have the new servers host "alt" top-level domain .. that way people could use the official and the unofficial systems without conflicts...

    Hmm, quite an amusing idea actually :)
  • by drwiii ( 434 )
    As I said in another slashdot story, "N$I strikes again".

    That's ok though, their days are numbered.

  • by drwiii ( 434 )
    Or so we're lead to believe...
  • Can anyone tell me what, exactly, they're restricting access to? I read the ZD article twice and I still can't make heads or tails of it. I'm hoping that the fault lies in the writing, not in the reading...
  • Yeah, no problem. You just need a set of root servers and a bunch of clients pointed at them. Root servers are easy... there's no practical difference between a hostname, a domain name, and a TLD, so BIND and a fat pipe'll do you. The problem is getting enough clients to use your servers in preference to/in addition to NSI's. You'd need to convince a significant portion of the Internet in order to do any good...
  • Ah. Got it now. So it's just full zone transfers they're restricting, not any access to the root zone information (which, unless my reading comprehension is failing me, is what the article says). I didn't _think_ it was the latter... the whole system would break if they did that...

    (And, yes, I have set up a few DNS servers... I own and operate two domains and their associated name servers.)
  • I was bothered by the restrictions placed on the information but was alarmed that they consider the information their 'Intellectual Property'.

    Sounds mighty corporate to me.
  • It was just recently that I learned that you could download these files. "This is great," I thought, "for once somebody has done something useful. Now I can cache domains over the local net!" So, I eagerly ftped to the directory, and noting the small file size, I read the README. It explained basically the same thing that this article did. Curses, foiled again!
  • The street and e-mail addresses can be found in the WHOIS database, not in the zone files. The WHOIS database ( is still open to access, though perhaps not by means of downloading in its entirety (I don't know if it has ever been downloadable).

    The only contact info found in the zone file is the e-mail address in the SOA of the zone itself, and while name server maintainers probably get their share of junk e-mail, there is no point in downloading the entire .COM zone (with some 3.5 million subdomains) in order to find out that <hostmaster@INTERNIC.NET> is the maintainer of that zone.

    Thus, I can't say I'm buying into the anti-UCE argument in this case. What exactly have they done to that end?

    As long as they merely prevent bulk access to the entire thing, but I can still access individual records as needed, I don't mind too much.

    The Software Publishers Association [] spammed a number of e-mail addresses found in the WHOIS once (I could tell, because my WHOIS address is not used for anything else) merely to "inform" me that my FTP server could be used for distribution of pirated software! They haven't apologized yet, and I haven't reported a single case of piracy to them since.

  • Shorten the grace period for new domain names. Or even make them pay up front. That would really kill domain name speculation. There's no need to disable a valid service of DNS to get rid of speculators.

  • As an example, Netscape could modify its browser to use their own server for DNS lookups by default (the user could change it later if desired). Netscape's own DNS server could support Cool New TLDs and pass anything it doesn't trap out to conventional DNS servers. This could result in massive segments of internet users migrating to a new DNS provider and new domain naming scheme. This might be sufficient to make NSI want to be competitive and to change their evil ways. :)

    Oh yeah, MS could do this with IE too, so maybe this isn't such a good idea.
  • Ya know, if you max out your credit card(s), you can live pretty high on the hog for a while... until the bills come.

    This is exactly what socialist democracies like Canada and New Zealand (and others) do, with the exception, that the government maxes out each of the residents' "credit cards", and if your a lucky citizen, you might get something back for the charge, less "administrative government expenses", of course.

    I was born, and lived in, Canada from 1961 to 1997, and I saw the rise of socialized this and that, to see it all crumble pretty badly by the time I left. I paid the approximate equivalent of US$23k income tax on an income of US$43k, supporting a non-employed spouse and child, as well as myself. Add to that 8% provincial and 7% federal "value added" taxes on about everything you buy. Take away all the supposed social benefits that got "clawed back" because I was a "high income" earner.

    Socialist democracies are unsustainable in the long term, regardless of how seductive the idea appears in the short term.

    Pointing to the failings and corruption within the U.S. government (of which there are many), blaming them on a capitalist economic system, and suggesting that some kind of socialist democracy is the answer is either very short-sighted thinking, or an attempt to stage a communist-style coup d'etat.

  • I can see why they are tightening up access to the information.

    I have a couple of domains registered. One of the domains has a company name that ONLY appears in the DNS records. I have been recieving snail mail from companies that have been "mining" the DNS record for thier own slimey purposes. It really pisses me off how many corporate bottom-feeders consider the net their own way of "Making Money Fast".

    And people wonder why I hate sales people so much.
  • I work for an ISP and over the past year we've purchased two smaller local providers. They were both running NT and I had to convert everything over to run on our Linux servers.

    Among the issues I ran into was determining which domains were registered to the other ISP's nameservers. Their nameservers were poorly maintained, some domains had transferred, etc.. I also wanted to know if there were any domains that listed these nameservers as authoritative but weren't listed in the config files.

    The only way to do this was a root zone transfer. I received an e-mail a few weeks ago from InterNIC stating that access would be renigged soon. I just checked and my access is gone. Luckily, I downloaded them all a few days ago.

    Yes, some of the things I needed to check could have been done with Whois. But others couldn't. Of course, InterNIC is now offering monthly reports of domains associated with a nameserver but at the time, this service didn't exist.

    I think it's bad policy to restrict access to people who have a legitimite need. Restricting access to root zone files will not stop spam to domain contacts. The spammers will simply scour other sources for e-mail addresses and run Whois queries on each domain they encounter. Yeah, it makes it a little bit harder but they'll do it nonetheless.
  • dig @ com. axfr | gzip - >
  • For the last few years, I have must have heard ten or twenty people talk about mining the zone files for marketing information. I can only assume that some of these obnoxious people have gone ahead and done just that.

    I'm curious, though, if NSI will now open up a "service" for companies that want the files...
  • When those guys say

    "All customer data is our intellectual property,"

    are they saying that what they own is the knowledge that = or that what they own is the knowledge that = or what?

  • Like usual, Slashdot is full of comments by people who don't know what they're talking about. Have any of you tried registering a domain in the past two months? NSI's registration system has been hosed by DNS spammers who've been waging an electronic warfare campaign against the internet for their own profit.

    DNS spammers search the DNS database for valuable domains that are about to expire, then send repeated requests for the domain by E-mail, hoping they'll get it first. NSI is getting hit with thousands of spam requests a minute. As a result, it took me two weeks and a few phone calls to get a new domain registered. Fortunately, NSI's customer service is pretty good -- it had better be for what we pay.

    Although NSI is certainly in the pocket of the military-industrial complex, I have even more contempt for most of the people who have complaints about namespace issues. In our culture, such disputes generally have nothing to do with free speech and everything to do with rip-offs, con artists and scumsuckers like the Canadian who owns 200,000 domain names and the "" guy.

  • I love busybodies especially anonymous coward know it all mothery busybodies. Must be an american. Ha...

    Land of the Free. Aside from all the people telling each other how to live their lives because it raises taxes for the rest of us.

  • While I'm not thrilled at the prospect of the root zones being considered "intellectual property" of NSI, I'm sick and tired of getting spammed with messages promoting hosting and search engine placement every fscking time that I register a domain for a client. Can a person both applaud and decry at the same time?
  • Could someone explain to the more ignorant of us exactly *what* has been closed off? Just Zone transfers from the root servers? Or ability to send queries (and then, recursive, or not?)

    If they did block non-recursive queries, surely the DNS system would stop....

    Sorry, but I didn't find the article technically clear.

  • by locust ( 6639 )
    According to everything I've read on the NANOG list InterNIC (NSI) was spamming everyone who had a domain name registered with them, then
    complaining about the load on its servers.

    That having been said. The DNS database is a public databse. The governement should have torn up thier contract.

  • Im work for one of the compaines that no longer has access to these.
    They gave me a nice letter stating that using their list doesn't benifit the net so I can't have access. Now I have to craw the net looking for the same information. That seems to me to be alot worse for the net to me.
    I heard rhumors that just about everyone will be denied access... seems to be true to me since I was withing acceptable use 6 months ago.
  • I'm not an expert on this, but aside from MS suing for copyright violation (which they'd almost certainly have a case for), yeah, I think that would be legal since the issued by Internic is different from the one issued by Alternic.

    Kinda like if I have for an email address and I copyrighted the name, could I sue Hmmm... =:)

    Ok, to preempt the flamers, yes that was a bad example.
  • A year or so ago I followed the procedures Network Solutions requires for requesting access to the zone files. In my email request I stated that I agreed not use any of the information derivered from the zone files for sending spam, and that my sole reason for requesting access to the zone files was I was becoming increasingly concerned about the risk of monopoly control of DNS, and that I wanted access to these files to prevent this threat. This should have qualified as a legitimate reason for access to the zone files. However, Network Solutions never even dignified my request with a reply.

    I find the present DNS situation highly disturbing. I have written a very comprehensive document explaining why this is such a big threat [].

    Network Solutions monopolistic ambitions are clear. The difficult question is how to stop them. Right now there appears little that can be done other than trusting that the government and ICANN [] don't screw up.

  • not "transport". And it's IP addresses, not
    TCP/IP addresses. And are they really bound
    to domains? I'm not an expert on this, so I
    better shut up now ...
  • Someone just tried to auction some domain names
    on eBay for $1000.00, item #67595554, nobody
    bid on em.
  • As stated above, these are one possible route to undermining NSI's total grip on the "domain name market". But is it really all that impossible to get a new TLD widely listed? What about fine examples like .nu or .us? Heck, if you get enough important sysadmins to go along with it, you could have all kind of crazy TLDs flying around in the near future... (how about .alt, .biz, .fsf, or maybe even .slash? :o) )
  • This is what always happens when things get privatized. God, how long will it take the US to learn...

    on another note, is it possible to set up an entirely separate hierarchy of domain names - entirely bypassing all these tyrrainical abuses of power?

  • Well, I can't speak for Sweden, but NZ does not have a socialist system, or anything close. Maybe fifteen or twenty years ago you could say that we had something close, but these days the economy is as capitalist as they come. I think that we actually have a more open market than the US (basically no tarrifs or subsidies). Whether this is a good thing or not is, of course, the subject of much debate...
  • One who makes insulting generalizations about people an ocean away had better be perfect, or he leaves himself open to be attacked on any possible front.
  • "All of the data under the original cooperative agreement comes under our auspices. All customer data is our intellectual property," Clough said.

    OK, I'm going to make a map and declare it my intelectual property, then everybody will have to pay me mucho dineros to use any of the roads...

    I'm sick of it all

    Has it ever occurred to you that God might be a committee?
  • No, my first language isn't English. And the bad punctuation is more a matter of me being tired. My fingers keep thinking faster than my mind can type...

    And I do love my ignorant self ;-)

    Has it ever occurred to you that God might be a committee?
  • # nslookup
    Default Server: xxxxxxxxx
    Address: X.Y.Z.W

    > server
    Default Server:

    > ls com >


    You get to see a lot of hashes (#) and end up with .com in the file in the current directory.

    Has it ever occurred to you that God might be a committee?
  • You are correct, it is not mine and I have modified it to show this. When I found the quote, it was not attributed to anybody. If you have a reference I'd appreciate it.

    Has it ever occurred to you that God might be a committee?
  • While I agree that capitalism sucks, it's not a type of government, and neither is socialism. They are both types of economies, entirely different from government. You could easily have a capitalist dictatorship, or a socialist democracy, or a communist republic. I also wasn't aware that Sweden and New Zealand were socialist countries.
  • I agree. I really hate to think what I must sound like to someone who speeks spanish as their native tongue.
  • It should be noted that an assortment of other organizations, such as universities, ISPs, and the U.S. military, run most of the root servers. IMO, these organizations need to rebel and start providing the zonefiles some other way. If 25% of them do it, then what can NSI do to stop them? Remove them from the . Authoritylist? I've noticed the rootservers are already a bit slow.

    Some ISPs and universities need to stand up for freedom. If the InterNIC wants to stop spamming, they should announce a policy that they will remove any spamming domains on sight. Of course, they won't do that.

    Has anyone ever looked into the history of NSI? From what I can tell, they were originally formed to perform contract work for the government whe, say, a company like AT&T was working for the government but needed to be 10% minority owned to comply with affirmativeaction regulations. NSI would step in and actually do the work, since they were (technically) minority-owned. It seems like an incredible abuse of the
    affirmativeaction plan, which was intended to help small minority-owned businesses, not one or two millionaires.

    Oh well. Entropy is always increasing, and the Internet is not excepted from that rule. Let's just hang together and do what *we* can for freedom.

    Joshua. (I do mourn the death of --jon. all the more deeply because he kept this kind of madness from going on.)

  • From what I gathered from the article, they aren't closing access to the top level servers, in fact they aren't changing anything on the top level servers. They are taking away access to the zone files for the top level domains. You can still use whois and all that, personally it's an unfortunate consequence of people abusing those files. I can't tell you how much mail (e-mail and snail mail) I suddenly recieved after registering a domain for myself. I've stopped the address the domain is registered under because of all the spam it gets. However, I do think that they are also using it to deny access to competitors who should be given access. It doesn't seem to be as horrid as the original post makes it seem, but I'm sure that their motives aren't exactly pure. Goes to show how badly we need new domain policy and infrastructure in place.
  • Ummm...yeah. Actually brainchild, this is what happens when the government GIVES someone a monopoly, then realizes it was a mistake and that group does everything it can to hold onto the power it was given. See the phone companies and utilities for more on this.

  • Last time I checked, New Zealand had one of the largest deregulated/privitized telecom industries in the world.
  • I live there, and the MoneyGrabbingDingDongs (TM) are alive and positively squirming.

    We've got service cutbacks, privatised this, privatised that, user pays and now some dork has the idea that it'd be good to cut the number of MPs. I suspect they'd like to reduce it to one.

    DomaiNZ have the internet fairly well wrapped up as a closed shop, plus we have to pay data charges per megabyte (unless you don't mind having your access limited to a few hours - download Staroffice? Haha).

    New Zealand ain't what it used to be and it needs a fair amount of stick from the rest of the world to make the policiticans here realise they can't rest on their laurels any longer. Or rely on the goodwill of the average Kiwi; It's all been sold overseas.

    Vik :v)
  • The only type of government that works is socialism. Just look at places such as Sweden and New Zealand!
  • Bad idea. Currently, DNS looks at your local
    (ISP, college, company, whatever) server rather
    than sending the request halfway across the
    Internet. That way the root servers don't melt
    down from having to service zillions of requests,
    since info is cached locally.

    The only way to change this that's feasible is
    to have your organization point to somebody else
    as a root name server.
  • No, I believe you can still query their root name servers, just not download the entire database at once. DNS caching is still valid--- it's "prefetching" the entries that you need permission for. The downside for NSI is that they may see increased load on the root servers if fewer sites have up-to-date databases.

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling