The Curious Correlation Between .biz Domains, Bad Whois Data, and Spam

12/3/2003

Terry Calhoun, IT Trends Commentator
Society for College and University Planning (SCUP)
University of Michigan

Joe's been busy playing detective and he's discovered some interesting loopholes in various procedures related to ICANN policies. I've noticed "bad" whois registration addresses before but never followed through to do anything about them. Maybe now that Joe has laid all of this out for us, more of us can join in to plug these spam holes.

***

Joe St Sauver, Ph.D. (joe@oregon.uoregon.edu)
Director, User Services and Network Applications
University of Oregon Computing Center

If you take the time to deconstruct the spam you receive, one of the most interesting things to scrutinize is any URL contained in the body of the spam. Notice any pattern to the URLs you see? Ever wonder who's behind all those different domain names?

Non-network-geeks may not know that every domain has (or at least is *supposed* to have) accurate registrant information available via "whois." For example, if you have access to a unix shell account, the command:

whois -h whois.networksolutions.com syllabus.com

will show you the whois data associated with this Web site's domain. If you'd prefer a Web-based whois, you can try http://www-whois.internic.net/cgi/whois.

The general requirement that domains have accurate registrant information is explicitly defined in the Registrar Advisory Concerning Whois Data Accuracy. Later that same year, the ICANN Security and Stability Advisory Committee did a nice job of explaining why accurate whois data is absolutely key to the security and stability of the network.

If you find a .com or .net domain, spamvertised or otherwise, that happens to have inaccurate whois data, you can easily report it using the online form.

Thus, for example, if you see a whois U.S. street address that looks suspicious, you can use any of a variety of online address verification tools (such as USPS) to check at least the superficial validity of that address. (Whether a valid address is actually the right valid address for a given entity is a more subtle question that we'll set aside for now, along with the issue of doing address verification for non-U.S. addresses, where computerized address validation tools may not be available.)

Anyhow, if you should happen to find a street address associated with a .com or .net address that turns out to be wrong, you can report that problem using the Internic's online form. For the most part, .com and .net whois data is pretty clean, and when you find a .com or .net domain that has data that isn't right, you can easily get that whois data cleaned up (or the registration data for that domain "registrar locked" or deleted).
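As an added illustration (not code from the original article), the Python sketch below shows what the whois -h command above does on the wire and runs a few superficial checks on a registrant address before it is taken to a verification tool such as USPS. The "Registrant <Field>:" record layout, the placeholder list, and the sample record are assumptions constructed for the example.

```python
import re
import socket

def whois_query(domain, server, timeout=10.0):
    """What `whois -h <server> <domain>` does (RFC 3912): connect to TCP 43,
    send the query plus CRLF, read until close. Not called in the offline demo."""
    with socket.create_connection((server, 43), timeout=timeout) as sock:
        sock.sendall(domain.encode("ascii") + b"\r\n")
        chunks = []
        while chunk := sock.recv(4096):
            chunks.append(chunk)
    return b"".join(chunks).decode("utf-8", errors="replace")

def parse_registrant(text):
    """Collect 'Registrant <Field>: value' lines into a lower-cased dict."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*Registrant ([A-Za-z/ ]+):\s*(.*)$", line)
        if m:
            fields[m.group(1).strip().lower()] = m.group(2).strip()
    return fields

# Assumed heuristics: values that fill a field without saying anything.
PLACEHOLDER = re.compile(r"^(n/?a|none|unknown|x+|\.+|-+)$", re.I)
REQUIRED = ("name", "street", "city", "state/province", "postal code", "country")

def superficial_problems(fields):
    # Fields that are absent, empty, or hold a placeholder value.
    flagged = [k for k in REQUIRED if not fields.get(k) or PLACEHOLDER.match(fields[k])]
    problems = [f"{k}: missing or placeholder" for k in flagged]
    zip_code = fields.get("postal code", "")
    # Format check only; whether the ZIP matches the street is a job for USPS.
    if (fields.get("country", "").upper() == "US" and "postal code" not in flagged
            and not re.fullmatch(r"\d{5}(-\d{4})?", zip_code)):
        problems.append("postal code: not a US ZIP format")
    return problems

# Constructed sample record (not real whois output).
SAMPLE = """\
Domain Name: EXAMPLE.TEST
Registrant Name: N/A
Registrant Street: 123 Main St
Registrant City: Eugene
Registrant State/Province: OR
Registrant Postal Code: 9740
Registrant Country: US
"""
if __name__ == "__main__":
    for problem in superficial_problems(parse_registrant(SAMPLE)):
        print(problem)
```

A record that passes these checks can still be wrong; they only screen out entries that are not worth sending to an address verifier.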


