As governments around the world moved to shut down WikiLeaks, the site struggled to remain online, as its American-based domain name service provider pulled the plug on the site on Dec 2 and Dec. 3.
WikiLeaks also was hit by another DoS (Denial of Service) attack late Dec. 2, the third such incident since Nov 29. The site's DNS provider, everyDNS.net, stopped directing traffic to the WikiLeaks site shortly after the attack began. The company defended its decision, saying the attacks have, and would, "threaten the stability" of its infrastructure, which serves "almost 500,000 other Websites."
"WikiLeaks,org domain killed by US everydns.net after claimed mass attacks," tweeted WikiLeaks, and then moved to a Swiss domain name, WikiLeaks.ch. As Internet security firm Netcraft noted, strangely enough, WikiLeaks changed the domain name but stayed with the same DNS provider.
The Domain Name System is a phone book for the Internet, and providers translate domain names to the IP address of the server hosting the content. Even if DNS is not working, users can go to the site by entering the IP address.
Around noon on Dec. 3, everyDNS disabled services for WikiLeaks' secondary hosted domains and the new WikiLeaks.ch domain.
"EveryDNS.net is not taking a position on the content hosted on the WikiLeaks.org or wikiLeaks.ch website," but "following established policies," the company said in a statement. EveryDNS is based in the United States.
WikiLeaks promptly switched to three top-level domains located in Germany, the Netherlands, and Finland, according to its Twitter account. The name servers for the new domains, according to the latest WHOIS info, are Rollernet, another US-based provider, and a free service based in Denmark.
Several early reports had incorrectly named easyDNS as the WikiLeaks DNS provider, prompting easyDNS CEO Mark Jeftovic, to deny in his blog that easyDNS was WikiLeaks service provider in response to angry posts and comments.