Latest news of the domain name industry

Recent Posts

Architelos launches new gTLD anti-abuse tool

Kevin Murphy, August 15, 2012, Domain Services

Architelos, having consulted on about 50 new gTLD applications, has refocused on its longer-term software-based game plan with the recent launch of a new anti-abuse tool for registries.

NameSentry is a software-as-a-service offering, currently being trialed by an undisclosed number of potential customers, designed to make it easier to track abusive domains.

Architelos gave us a demo of the web site yesterday.

The service integrates real-time data feeds from up to nine third-party blocklists – such as SURBL and SpamHaus – into one interface, enabling users to see how many domains in their TLD are flagged as abusive.

Users can then drill down to see why each domain has been flagged – whether it’s spamming, phishing, hosting malware, etc – and, with built-in Whois, which registrar is responsible for it.

There’s also the ability to generate custom abuse reports on the fly and to automate the sending of takedown notices to registrars.

CEO Alexa Raad and CTO Michael Young said the service can help streamline the abuse management workflow at TLD registries.

Currently, Architelos is targeting mainly ccTLDs – there’s more of them – but before too long it expects start signing new gTLD registries as they start coming online.

With many new gTLD applicants promising cleaner-than-clean zones, and with governments leaning on their ccTLDs in some countries, there could be some demand for services such as this.

NameSentry is priced on a subscription basis, based on the size of the TLD zone.

ICANN fixes new gTLD portal bugs

Kevin Murphy, July 23, 2012, Domain Policy

ICANN has brought its new gTLD program customer service portal back online after about five days of patching-related downtime.

In a notice posted late last night, ICANN said the delay was due to the wait for a vendor patch. ICANN said:

A recent, proactive review of the CSC system identified potential vulnerabilities. To address these vulnerabilities, the CSC portal was taken offline while vendor-provided patches were applied. There have been no known compromises to any data.

New gTLD applicants will now have to log in to their TLD Application System accounts, which use the Citrix remote terminal software, to use their customer service tools.

Non-applicants will be able to ask customer service questions via email.

The Knowledge Base — essentially a program FAQ — is still offline, but ICANN said it hopes to bring it back up within a few days.

ICANN takes down gTLD apps after revealing applicants’ home addresses

Kevin Murphy, June 14, 2012, Domain Policy

ICANN has temporarily blocked access to its newly revealed new gTLD applications after accidentally publishing the home addresses of many applicants.

Some applicants noticed today that the personal contact information of their named primary and secondary contacts had been published during yesterday’s Big Reveal.

In many cases this included these employees’ home addresses, despite the fact that the Applicant Guidebook specifically states that this information would not be published.

After being notified of the snafu by DI, ICANN confirmed that the addresses were published by mistake.

It’s taken down all the applications and will republish them later with the private data removed.

“This was an oversight and the files have been pulled down,” ICANN’s manager of gTLD communications Michele Jourdan said. “We are working on bringing them back up again without this information.”

It’s another big data leakage embarrassment for ICANN, following the recent outage caused by the TLD Application System bug.

It’s not likely to win ICANN any friends in the dot-brand community, where ICANN’s demands for background information on applicants’ directors caused huge procedural problems for many companies.

For applicants for controversial gTLDs, the revelation of this private data may carry its own set of risks.

Chinese DDoS knocks 123-reg offline

Customers of major UK domain registrar 123-reg suffered a couple of hours of downtime this afternoon due to an apparently “massive” denial of service attack.

The attack targeted its DNS servers and originated in China, according to a report in The Register.

Users reported sites offline or with spotty availability, but the company managed to mitigate the effects of the attack fairly quickly. It’s now reporting mostly normal service.

123-reg, part of the Host Europe Group, has hundreds of thousands of domains under management in the gTLD space alone.

TAS bug hit over 100 new gTLD applicants

It just keeps getting worse.

ICANN’s TLD Application System security bug could have revealed file names belonging to 105 new gTLD applicants to 50 other applicants on 451 occasions, according to the organization.

With 1,268 applicants in the system, those numbers certainly fit with the “a minority of applicants” description previously given, but it still shows that the bug was widespread.

The supplied numbers are “approximate”, but ICANN said it is “continuing to review system logs and packet-level traffic to confirm how many viewings actually did occur.”

The latest news means, for example, that 50 new gTLD applicants may have had the ability to see information belonging to other applicants on average nine times each.

While the new data may not strongly suggest that the bug was deliberately exploited by any applicant(s), it’s not inconsistent with that scenario.

It could mean that one applicant saw the details of 56 others (suggesting exploitation), but it could also mean that 50 applicants saw about two third-party file names each (suggesting accidental viewing).

Without further information, it’s impossible to know.

ICANN has not revealed, and is unlikely to reveal in the short term, whether any applicant was able to view the metadata of another applicant for the same gTLD.

The organization has however started to notify affected applicants whether they were affected as victim or beneficiary, according to the latest update from chief operating officer Akram Atallah.

Atallah also revealed that TAS had 95,000 file attachments in the system when it was taken down April 12.

At an average of 75 files per TAS account, this would support the idea that, on average, each TAS account was being used to file more than one application.

ICANN still plans to wrap up the notification process before next Tuesday, May 8, but there’s no word yet on when TAS will reopen for the final five days of the application window.