Latest news of the domain name industry

Recent Posts

Internet closes in on 200 million domain names

Kevin Murphy, September 21, 2010, Domain Registries

The internet will almost certainly break through the 200 million domain names milestone before the end of the year, judging from VeriSign’s latest Domain Name Industry Brief.

There were about 196.3 million registered domains at the end of June, according to the report, up by 3 million on the first quarter and 12.3 million on the second quarter 2009. That’s 2% and 7% growth, respectively.

The drag factor on the overall market caused by the mass expiry of millions of Chinese .cn domains seems to have levelled off, making the growth a little more encouraging than in the first quarter.

Regardless, VeriSign said that 76.3 million domains were registered in the ccTLDs, basically flat when compared to the March numbers and a 2.5% increase year-on-year.

The ccTLDs may see a growth spurt in the third-quarter DNIB, due to the influence of .co’s launch, assuming another .cn situation does not arise in another TLD.

VeriSign doesn’t say as much, but if the ccTLDs only grew by a net 63,000 names, that means the bulk of the 3 million new domains were in the gTLDs, but it doesn’t break the number down by gTLD.

It doesn’t even say precisely how many .com/.net domains it manages, or what its growth rates were, just that the two TLDs’ combined total now exceeds 100 million.

US seeks powers to shut down domains

Kevin Murphy, September 20, 2010, Domain Policy

COICA is the new acronym we’ll all soon be talking about — it’s the law that could give the US its very own Great Firewall of China.

A bipartisan group of US senators today introduced the Combating Online Infringement and Counterfeits Act, legislation that would enable the government to quickly turn off domain names involved in piracy.

The bill would enable the Department of Justice to seek a court order against a domain name it believes is involved in piracy or selling counterfeit goods.

If the sponsoring registrar or registry is located in the US, the order would force it to stop the domain from resolving and lock it down.

The likely effect of this would be to force piracy sites out of .com and into offshore registrars. But the bill has thought about that too.

If it’s a non-US registrar and registry, injunctions could be sought to block the domain at the ISP level.

That’s right folks – if this bill passes, the US would get its very own Chinese-style national firewall.

The bill would allow the domain registrant to petition the court to lift the order.

“By cracking down on online piracy of television shows and movies, we hope this bill will encourage copyright owners to develop innovative and competitive new choices for consumers to watch video over the internet,” said Sen. Herb Kohl.

Which is about as disingenuous a statement as it gets, when you think about it, given that it essentially eliminates a major incentive for business model innovation.

Russian domain crackdown halves phishing attacks

Kevin Murphy, August 20, 2010, Domain Tech

Phishing attacks from .ru domains dropped by almost half in the second quarter, after tighter registration rules were brought in, according to new research.

Attacks from the Russian ccTLD namespace fell to 528, compared to 1,020 during the first quarter, according to Internet Identity’s latest report.

IID attributed the decline to the newly instituted requirement for all registrants to provide identifying documents or have their domains cancelled, which came into effect on April 1.

The report goes on to say:

Following a similar move by the China Internet Network Information Center in December 2009, spam researchers suggested that this tactic only moves the criminals to a new neighborhood on the Internet, but has no real impact on solving the problem.

I wonder whose ccTLD is going to be next.

The IID report also highlights a DNS redirection attack that took place in June in Israel, which I completely missed at the time.

Apparently, major brands including Microsoft and Coca-Cola started displaying pro-Palestine material on their .co.il web sites, for about nine hours, after hackers broke into their registrar accounts at Communigal.

DNS Made Easy whacked with 50Gbps attack

Kevin Murphy, August 9, 2010, Domain Services

The managed DNS service provider DNS Made Easy was knocked offline for 90 minutes on Saturday by a distributed denial of service attack estimated at 50Gbps.

This could be the largest DDoS attack ever. The largest I’ve previous heard reported was 49Gbps.

The company, which promises 100% uptime, tweeted that the attack lasted eight hours, but only saw one and a half hours of downtime.

Here are some tweets from the company, starting on Saturday afternoon:

Out of China. Over 20 Gbps…. Don’t really know how big actually. But it’s big. We know it’s over 20 Gbps

Update…. Over 50 Gbps… we think. Since core Tier1 routers are being flooded in multiple cities…..

Trying to organize emergency meeting with all Tier1 providers. We probably have over 50 senior network admins looking into this.

This is flooding the provider’s backbones. By far the largest attack we have had to fight in history.

And, post-attack:

The good: Not everyone was down, not all locations were down at once. The bad: There were temporary regional outages.

Almost back to normal in all locations. Full explanation, details, and SLA credits will be given to all users as soon as possible.

We did not see a 6.5 hour long outage. That would be ultra-long. DDOS attack was 8 hours. Less than 1.5 hours of actual downtime.

It will prove costly. The company’s service level agreement promises to credit all accounts for 500% of any downtime its customers experience.

Quite often in these cases the target of the attack is a single domain. Twitter and Facebook have both suffered performance problems in the past after attackers went after a single user for political reasons.

For a DNS provider, any single domain they host could be such a target. I’d be interested to know if that was the case in this incident.

ICANN threatens to shut down registrar flipper

ICANN has said it will terminate one of its registrars for non-payment of fees, the thirteenth such threatening letter the organization has sent out this year.

The unfortunate recipient is #1 Host Brazil, which has just a couple hundred domains under its belt in the generic top-level domains.

I may be wrong, but based on some cursory research I’m inferring that the registrar is basically a shell accreditation, acquired in order to flip to a larger registrar.

There are 10 other “‘#1 Host” registrars, such as #1 Host Australia and #1 Host Canada, listed on ICANN’s list of accredited registrars, almost all of which were awarded in late 2005 to the same Texan.

They all use the same logos and, due to the hash sign, all appear at the top of alphabetical lists of ICANN-accredited registrars.

Apart from the Brazil and Israel variants, most of the other “#1” accreditations have been acquired by Moniker at various times over the last few years, according to Internic and Whois records.

#1 Host Brazil faces de-accreditation (pdf) on August 24 unless it pays almost $9,000 in ICANN fees and provides evidence of $500,000 in commercial liability insurance.