IT Infrastructure - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  IT Infrastructure


Domain Hijacking Takes ICANN Spotlight



 By: Matthew Hicks
2005-07-14
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this IT Infrastructure story.


Rate This Article:
Poor Best
A committee of the Internet's domain-name overseer blames poor administration and flawed processes for the growing problem of hijacked names, and calls for action to thwart it.

Web sites both big and small face the risk of having their Web addresses stolen because of flaws in the way domain names are registered, transferred and tracked, a report released this week found.

The report, announced Wednesday during an international meeting of the ICANN (Internet Corporation for Assigned Names and Numbers) in Luxembourg, followed at least two high-profile incidents this year of what is known as domain-name hijacking—one hitting New York-based ISP Panix and another affecting e-mail provider Hushmail Communications Corp.

Domain-name hijacking occurs when someone fraudulently takes control of a domain name, often by masquerading as the legitimate administrative contact for a domain name.

The e-mail addresses of administrative contacts, widely available in the WHOIS database of domain registrations, are used to verify domain-name holders.

The domain-name hijacking report, available here as a PDF, came from ICANNs Security and Stability Advisory Committee.

The committee advises the domain-name system overseers board of directors and constituents such as the registrars that sell domain names to individuals and business and the registries that manage domains such as .com and .net.

Committee members expressed optimism that the report will lead to swift action, but it was still unclear as of late Wednesday whether ICANNs board planned to address the reports findings and recommendations at its meeting later this week.

Resource Library:
"Our job really was to shine light on problem and the basics of what needs to be done," said Steve Crocker, the chairman of the advisory committee. "Now we stand back out of the way because were not the ones to implement that."

ICANN Board Chairman Vint Cerf was among those who attended the committees release of its findings, and he expressed interest in the board acting on the reports findings. Crocker also said that committee members are promoting the reports findings throughout ICANN.

Click here to read an opinion about the role ICANN should play in preventing domain-name thefts.

The committees conclusions left no doubt that the consequences of a domain hijack can be stark and widespread.

"The registrant may lose an established identity and be exposed to extortion by name speculators," the report states. "Domain hijacking can disrupt or severely impact the business and operations of a registrant."

Along with intercepting or stopping e-mail associated with a stolen domain, an attacker could use a domain hijack in a phishing scheme to disclose sensitive information, in a denial-of-service attack or to deface a Web site, the report found.

Among the causes of cited for hijacks was the failure of registrars to follow procedures for transferring domain names from one registrar to another and insufficient verification of the identity of someone requesting a domain-name change.

The report left ICANNs recently changed policy for the transfer of domain names without blame in domain hijacking, although others in the domain-name industry have raised concerns that the change will fuel more stolen domain names. The new policy had focused on streamlining the process of transferring a domain.

Also contributing to the domain-name hijacking cases outlined in the report was the relationship between official ICANN registrars and their resellers.

Committee member Ram Mohan said that about 40 percent of domain-name registrations occur through resellers, and, right now, the burden lies with registrars to ensure that their resellers follow ICANN procedures.

"The fact is that there are 150 active [ICANN] registrars with contracts and real responsibilities, and by our count some 20,000 to 25,000 resellers, and thats only an estimate," said Mohan, vice president and chief technology officer for Afilias Ltd., the registry for the .info domain.

"These resellers are invisible to ICANN and registries."

What should run the DNS? Click here to read about the growing tussle between ICANN and the U.S. government over control of the DNS.

The ICANN committee recommended 10 fixes for hijacking, which ranged from more public awareness and a domain-name emergency hotline to potentially stricter verification of the identity of domain-name holders and better record keeping of registrations.

One technical recommendation focused on the use of registrar locks and domain-name holder passwords. The report suggests that registrars use locks, which prevent a domain-name change until the name holder unlocks the name, and consider using a specification called "authInfo," which essentially password protects a domain name.

Currently, the authInfo password is not available for .com or .net, both of which are managed by VeriSign Inc. But VeriSign has said it plans to add the support, according to the report. Other domains, such as .org, .biz and .info, use the passwords.

"This is a train that is just waiting to get off the tracks, and the tracks are already loose," Mohan said. "Were asking for serious action to be taken to quickly remedy the problem."

While the Panix and Hushmail cases were widely reported, the ICANN committee report also cited a dozen other examples of stolen domain names. The hijacks hit such high-profile names as wifi.com, commericials.com, nike.com and ebay.de.

However, the committee did estimate the total number of domain-name hijackings that have occurred. Determining that number is difficult since domain-name holders and registrars are reluctant to disclose cases and are not required to do so, Mohan said.

Check out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.



  Reader Comments: Domain Hijacking Takes ICANN Spotlight
>>> Be the FIRST to comment on this article!
 

 
 
>>> More IT Infrastructure Articles          >>> More By Matthew Hicks
 


x}ks6*Q3{L!a{lɶvlki;[HHbL\G?q /=hɏLb[£nt7;;~$rɥklJv9{>D;;}!ԇ`^P/2t}R  tӌ5v:! >>;| `OS;S uɄZIXQߕ>}~qlv .hvLIlG5tuOpnzA|!QGu)tC(D-Dm:\'7*GEnS8/De) Cd*Fӽ8t/[h  5ya_U'iv;P;E{QUh/E@^cBȡ[Rh=3dc7.{ -,v2K*-aе 29z u v}J@J73ҧ }KH;R@}ky>5I ib1lp2JH n>,!\G-0/<m6L( |HI Cu"ħzr(˺Y4hmwEaij|Tݯ(GϢCrL!-g©;Ψo?һP*)es~] !GA mkh[N#ZI;t{>~n_\|[r  A7R27`jLTV+Rhf Rc@G,{/BKoV7-%MюR;2,fϷ 3+i3*,ǝq%?[WM&M}'l,aZ4 2_]1-Uisiڟ;'w:Rڟ+̪ok*Cp='^=v?54Y01\ \V+HjgdZݓ6PE$Y-r"8_^Cj ݖUB_*X_G)L,Y`MIp6M2T~`]NjoNP_ ZPĿ"G/$Li.άzh-Aho*K>Lru&@Sk~$GM ]sΚb.L2<|){}Z—W.(AK/ ڊ5|*(if){΀3 BD4?CzC8S%Ku}7pWM,jY]6'tauIUis_}ޡ:itnuO^yֆ)IC EhYf7-vIqI}sQV1*e(_;ڇʁUp-Aqb2B c=M:gvXϳp: 0hv?SӧԴfPwTj$|N჎$>h&ƋCri[nL,rӇtw4ANݧn]=&: !pIH ) zA;=H:}mP`~5$ǎ@ L=s'08ɽ5E0ݻCi`y1&=զA{ Tgg ,zu}   @lWk 6G\[-[Z6x O͙A QP sZ( ޟ -2)%%E29 EEKy3@ $h-4az.ρmb?I~ݑvZO[2'9\t{B#\ZG;7 {TKh!+K@fsfd(4{~4 cbBd|#'fXr`Y \d+i)xf&i &NHZ:'4$a.*d٢S9`c}p t 0aAiŬ9c 9i|X#DnN-˘ R g?f0-qڛuV<ۢf08vs3tNn~|ZFhIO3hy>grGֶ-/ |zS.z:ԍ$r%5kb$T`CL ysDr VOr1r@eOSSɸVTV3Q2}=C+L)Eۋ)i SX-8G/4- {'ٲJb-Y~k%fcP.KúJj'~d7Bɶ/^[aa6E]Q^RKHD@CR)ҵ ҊaY^`(tM̆Т mM*`,|pö/UKW3@-ZYSj2ej[`B]PeܠQ@3%X3PQ[ lx kuꟸPCߵK|#=dsqu3$0TN|2ː 7q- CO5,&ff:X[' ˖X c*8tԳtgqqؿXZN®tՔ/hOӛvpuQӜh2F ÑeHޤ 2RXO%}T5!O{M{c>4Ye j,E3 dUkRPZEUգ}ZfGU`q,(xO?b5xh/Op_ˬ7K_no?SM+\s>'<\V`QƖ]4FXXH]-'L͎O\NS!4dTP95f> S#3}&mno^F{y<۝ErN?dZIp|]avKrekH˷bgfitLeb`l "Z`|i-X`&c1 s*? }l3pڳ`Mɧb_;(Xcփ0 IǸ}w3OnyUcү|m*,n1}a%[Ŵ(n<0{L3wJ=6 Phnh`dmhAE+-g}X} 2␞+n'U`9H97=RrRHǞ1]]2Y1i}SU}Д*eƬ}/(QUmq'F.҄^ߵK]bRvYLvLʲHG٭TSV82V6~Z/Ѓ`I##g0(G?F^nȍڽv?aIG|)탪T&#UiZe%~萫ncEZdЯdL5AKgl!/`.QȣS/l`^ASV<^ےtK3קA(6E&7 uͫ5Yx\sXҌd;yX^5ItH"J7eNVځ*\$T+IjYtn:0ȘُYD[^:L&rOfҿss]`_a|7#S͆Re_Ak rR8~G+a>&ri&kSH+jy>e!r UN7._Tj vQ: L:HP YGۻBlpI75 ),"xvtՒ:ͳ6?pȁ>KM$ȅ X,I!^>juΤ^a]OQ孀҈FU~RlޜuėlO~R\tR ~Zz0WFԼ];P*aݼ@>m48 Z&IĘ 3^6Q"B@I˸toZ,WZXKs!}=#ɢbGkhNئ;+*ؿ+,kZ\f·|CCjNx,(G@RPOh[#ZEK|b;3^t}q BtX 1teE/R)Q\(뉞h">49Sj6}AFJN^v ZҷoDW蘧YOtEx[(kx,ubsZ;L{Lbp j_tz`ESrg!,/D_{w JE p!XIS"9oթ-xOӆO|BaJ;u$-zdeQnKlx8e)Oz.+06H P,OҼe=lI1 iK"ih$bbVFZowݼڜ4<5ަmƙWxvIl붱<:Rpe85(~yMHoqFiIg֢Ѭ]}+ ɏxR̅a!y $v吜Ճ~q=DzpPvwX̧{E~`rFntÝԆ+*9"G,^2k7~ ܳ.t0w쯁 8dcΓdfcT1;.`Y =w>=aLHM\ghNPD(WP^~4q4Zxje|S+M`aEv;H.%3INuAHK}ҼoHK09nJs djBOHԃb5zǿ|TOF 95C/3r°e}ߨ+=hGt?vJwѧmE to4vlLcI")VԺU7`\8%'+dxrt2ע @7YM (f~\;pGҠ%ccmf}ݸ;w{f1vnw GP$(>A}I.~(R=n .o.-\*K5"vKr*IΧ$(IV)"{"F%{twoo14m*z>=35"<,5 Rf"]A U h Cl {8g #@*yh\]]w71%pRx656y( h4RV`+q٦h "a' zYOC,' _p$|#؈'/G'?Z7{cE|3̕ u\wךW)ycbƚ[KLBI|/4y˭(L )C_ƥE/.qĨ&pbwx7}y-gsX#gvEFuveU\~ `.zOwF{p|Kݞ% !%=Xi@.1(oMihQ-?gt9YҟPg|lfDZ..nMO=mP$KyрN-uωgȺOnQۮi@IpݳR)*xutߌ/ = hDni^I/BKL_32jII#۾홎'RxGvDÙݰqLX0:m4D$Ph'O.`{~^Dw*,Pl vvR bUXpc<`WqFo6- ~2d@­ZK sZ !,xoN;Y=}\: b!:eKsA-$C^#M\⍹ T!'pre}%ݏ6cCve!a}Xh B[Xv&(Lx@ϽPti 4HRׇ!OBKRJ1/AWD$6_1HC"aZZ2 Hx_=g\Χ)+{ h1ލMK. * oCZy>"XI{)V'IJw@8]`F"a NtՉFlpF56)[T%&)M٢z+t5B BL}guՓnX04@]8qt 1#H" 0APH`1ml\t[~)IRyq~9M6R!Jj6}?\cS.=$"#y9 m(ih<ڶ fD HsN9zhLPXS˄< Ht%A⋡WoV6b0UIۘyjOgDg9bTŕ} )H5'"A%v ޠ)`ĞLAMt쵘Yx\؊'h*:`'];a5>IŹ{`f',z3àA0/{A^̊z+&E_[ p GI$MZzNsc} $JQTi<*^ӎE0<2~B\:AI)%:-OH0#uhLA \/u;2'l9bdy֡ qFDko'-q#8=/ qC&/6 k#|ţ-Euq,x>O,.,G Nj;$GHixi23|e[My;U!]*hgbS@qG+'&ږ$mklJ_PӧC]*) B ;ytAIOx3P7^l<orc>g^,O9!P*p&n0uۼx~_| (\Jj$̏G b6s/o0R6]]TEo6L5 "X+vGZ G l8ص׶WҵoMi<#>e oP|<zs3^?]Aȣޖ0v .q }qgRolSE7OXgT7fymMz "@xb3#t7±IoQcVϽߝZ6 &祝k4t NVKx#Lƣؤ;,6t}"geؙz{6c5Ypc$'!HM,0$$CDnl\8 ,rb/?YSԢu2Ϋ_*­&D{#b_2w<Go{V {Cl;V_/ A(LIf$ ؒmk|kJe=T6(8I?'{ʞVS,'Y+ ZCz@YiӶM+A#샒=%x[ ,qx Dw un3<QmEIm$>E Rhf3VGBx `,%7fTXA0hDYbɤ9^Rl&{ 財E3, Y詉K15\Rr\.he,zUdI<&/ czŇRO&OSj9) O=#Ԥ?RUBI ᫁|^0|95hCy?z^3Rk=cX;Xhf7yj+n-楻3xb(͊NԽtCxW.Ƅ-*);,Muݛ]쑁>_@#GZƒM2Ӱp-'gI ɥdiR'ֽu/9 .oؕ՚Tھ fOPV(̼!xh<EK\ ړv';`^.kZ%y[9?x Ra )z:^链55/aGV$(؛ Av/;m9"0ǖC0%m4ܵ,Q<^:]LEm),Wxo/e5!¯I{u >9\ۉ;Μ(ޗ}NLUtM-3@~j 4Zu-uv_v~msι W xfVؖUm}qV.R)q2ɹ莥Yf ;e=jX:N#RF¯R~#rUq{V]CoK.&ڰk716jvN[Q*5&|;+pSMC7RyVmIzO\CP |°$Swןp+TՔG?YS_D_dq mmvF8/17ѓkV0'qjI#?+){ꞪߧȎhp|8l@1" ?Ji:N~^P?= ^̸8. roEVIv# b<˓+62 1hLl./uhxgf\o{~}C+@x8LGsXY8[>'죇BAiNANJˊ\+c3S- [z !y8<9 ްnb75|$rE$!i3ۏ7W=@)HU t083)7H9 dU ?M /7nrnR-i`Ik„0'ld DpsٹWva0n#BLk43DDc^r {fĔy^ gCcн8 {|v[/ T6CĊ1gOiX$@1ZBv DjV>]N*@`g*?-G,(ϏpkꥦH0^|efp"(]&. XIwqw&+W!5`-=5KnltQQ({b8+M u?؃3,ȏ]^THmݜ(8s$Ѕ:x,@#!9ωJI{raiG'ZYQD(ɮ+뽉e2'{x1bRSJ9JLꚂQj.ʷEGsYQ^&*?[Ӕ^*BI] / P/HZء W{PɾxQ t0 c3br`9/{C&Oǽuӽo! lkEߢԲQq{sվ\ ~F;f6/ME`9,eiӫe)3C9տsm.4 /"ǸȁW.}QX\m՝(/(E_VCĸЫSi0L)oZ7^O˧VRj!sC3YN>AB㼳>*4:|_'\C;9+4>r@">v˜/sy9\2?/?/se*ϐ9'sɿ˜|߫ʑ+B9.n~kS&z/? ?}ϐ9/gBm^>mB9_zy9rּƅ)rq/ 苼U|XB]@~>(/nts:WJsz9^}IAF&/n+]a芋-5nk Ǥjuv^_BBU$X2T )htVydS˼=>w懴Ixմ] &J27[O'ikz(#s<2g!h{U26#K}x`ߟǒGЬ]#=DCD?|[2YI8{r@ @9zo\pm`HU-Ah:)7.q{Zӛ7\ڎwڝGf0"X;Yo[췡^@+isOtVfw 4;.Vl<-t&n\e%poQE+FEkf'ZqFXg냛n%~LUbp}[\y`_GFb+&3Vjͅ*u.w ɰ\,Nd=:v] ~䭵ފJd(`n皱LԛZd5L7A 6LGvw?cМw\(|kt(E,M᯹wY{N6 )4MϫH΢P=]KQRJVt\*g~\g;Tl[1d>0BIދo!xwia'R1<$}c쾱ߞR TDO"Ntx>=|I>^[zQؗ@6aҧ;Qg"Y/Bc=L?Pɕu#Rr] "!_Sahlyp.!:}`S I:sD:9yEPީx˖) Mm+#84"<ܼ lQF޺%鏸6x}ư҄ ]@f:o@ Pr⁜0қ1zX1|ue l|_O~Uf2K'gsx m|Q| yQFu:hY 96x62-  `yMF6iZDR*,l'f , ~sf㿴(@P W91"ez ?{{v͆LVy؋$| _[0~YrJ~S.u 7tle @ëx mE73B**K,^z LwMN!8u @Ѫ v7"aa|A0n,$݁N5 {zw1G[0r2oz[8KiJ epCrjVI;;Q0&|"[^'QI 8V\жX3 fE1[Rj8g 19,O)xI1%hB6IĶqyuc~ږ10Ei񸜸ޜ]1E~2zpPF!%׫rulPyc|[00jPÛ|rZ$0$aU\3z7ZО3,C& Cg;vC1Bi6er ߂ T|j}X O!0YdW+UĔ^b'.J i-9ON*BX6^?tCf *$[l{׺ЃTnt