Recent Posts
- ICANN puts blockchain on the agenda for good
- New gTLD in trouble as largest registrar gets suspended
- ICANN picks comms firm for new gTLDs outreach
- Donuts goes with bland, forgettable, for new company name [rant]
- Broker says it will sue after DNS abuse sting operation
- Unstoppable targets another city gTLD with free domains
- Dynadot takes down its own web site after apparent breach
- The slow crawl to closed generics at ICANN 74
- Controversial Chinese firm among two newly revealed UNR gTLD buyers
- Over 900 people show up for ICANN 74
- Verisign and Afilias spar over .web delays
- Hamburg selected for next year’s ICANN AGM
- Amazon governments not playing ball with Amazon’s .amazon
- High fives, or elbows only? ICANN 74 intros traffic light system for socializing
- NetBeacon goes live for DNS abuse reporting
- As registration closes, many ICANN 74 sessions at bursting point
- Belarusian domains to change hands
- As GoDaddy shutters URL shortener, could x.co come back on the market?
- Nominet opens directorship nominations
- GoDaddy acquires two education-themed gTLDs
- Crypto domains: a feminist issue?
- Turkey name change could free up gTLD string
- Porkbun offering free .gay domains for Pride month
- DNSAI to name most-abused registries, registrars
- NameSilo profitable in Q1
- Meds regulator won’t say why it gets domains suspended
- Porkbun hits a million domains
- Porn names to feature at NamesCon Global
- Pizza company suffers from penisland syndrome
- Seat reservations and waiting lists on the cards for ICANN 74
- New gTLDs or Whois access? What’s more important?
- Domain sales down even as revenue booms at CentralNic
- ICANN kicks the can on .web yet again
- ALAC’s brutal takedown of that “aggressive” ICANN 74 coronavirus waiver
- .link gTLD buyer revealed
- After 10 months, ICANN board “promptly” publishes its own minutes
- China yanks Daily Stormer domain after Buffalo mass shooting
- Fewer domain companies closing down than expected
- ICANN highlights “not getting things done” risk
- Another single-TLD brand protection service planned
- Dot Hip Hop slashes prices 80% in relaunch
- Three gTLDs to lose Donuts trademark protection
- Tucows to reanimate Tucows brand as sales flatten
- Blockchain domains pose “significant risks” to internet, says ICANN
- Russian registry hit with second breach notice after downtime
- Two countries could lose registrar competition after breach notices
- .tattoo — another UNR gTLD auction winner emerges
- Neustar now linked to scandal in the Catholic church
- SSAD: Whois privacy-busting white elephant to be shelved
- ICANN reports shocking increase in pandemic scams
- Kaufmann selected for ICANN board
- Secondary market fluffs GoDaddy amid slowdown concerns
- Washington DC picked for ICANN 77
- UDRP suspended in Ukraine
- Gee, thanks. auDA cuts price of .au names by five cents
- ICANN salary porn: 2021 edition
- A sign of things to come? Verisign slashes outlook in post-pandemic slowdown
- UDRP comments reveal shocking lack of trust in ICANN process
- CentralNic sees 51% growth in Q1
- Ukraine won’t delete domains until war is over
- Covid surge scuppers ICANN LA meetings
- Vox Pop defends its favorite cybersquatter
- ICANN picks recipient of $1 million Ukraine aid
- More friction over closed generics
- ICANN’s Covid-19 waiver formally appealed
- GoDaddy and XYZ sign away rights after UNR’s crypto gambit
- Verisign wipes free TLDs from the world stats
- ICANN picks 28 registries for abuse audit
- TMCH turning off some brand-blocking services
- Bye-bye Alice’s Registry
- .kids goes live, plans to launch this year
- ICANN suggests its Covid waiver may be worthless
- Domain sales exempt from US sanctions on Russia
- African Union can’t register .africa domain
- Microsoft seizes domains Russia was using to attack Ukraine
- Blacknight objects to ICANN 74 Covid waiver
- DNS Abuse Institute names free tool NetBeacon, promises launch soon
- Radix renewals drive growth as revenue hits $38 million
- GoDaddy formally signs .tv registry contract
- ICANN lists the reasons I probably won’t be going to ICANN 74
- A public apology for my April Fool’s blog post
- ICANN accidentally summons Lesser Old One in DNSSEC snafu
- ICANN “volunteers” want to get paid for sitting through pandemic Zoom calls
- War fails to stop .ua domains selling
- Marby pledges low red tape in $1 million Ukraine donation
- 2LDs boost .au’s growth
- With mystery auction winner, .sexy prices go from $25 to $2,500
- Ukraine registry hit by 57 attacks in a week
- ICANN says higher domain prices may be in the public interest
- .org price caps: ICANN chair denies “secret” meetings
- Nigeria slashes prices to compete with .com
- .au names available today
- GoDaddy acquires DNAcademy
- Google to launch a shopping-themed gTLD next week
- Another DNSSEC screw-up takes down thousands of .au domains
- XYZ bought most of Uniregistry’s TLDs
- What to make of this strange trend in new domain regs?
- EURid appoints new CEO
- Mutually assured destruction? Now Afilias faces .web disqualification probe
- Closed generic gTLDs likely to be allowed, as governments clash with ICANN
- 101domain throttles its business in Russia
- ICANN bigwigs support sanctions on Russian domains
- Soviet Union “no longer considered eligible for a ccTLD”, ICANN chair confirms
- Nominet cuts off Russian registrars
- Now Sedo pulls the plug on Russians
- DNSSEC claims another victim as entire TLD disappears
- Ukraine’s emotional plea to ICANN 73
- ICANN extends Covid-19 abuse monitoring to Ukraine war
- ICANN’s Ukraine relief may extend to Russians too
- ICANN offers $1 million to Ukraine projects, supports Ukrainian registrants
- Here’s a way ICANN could actually help the people of Ukraine
- GoDaddy stops selling .ru domains, commits money to support Ukraine
- Gandi says it supports Ukraine but WON’T cut off Russians
- Now IONOS kicks out Russian customers
- ICANN says NO to Ukraine’s Big Ask
- Namecheap offers free services to Russian dissidents
- CENTR kicks out Russia
- Ukraine asks ICANN to turn off Russia’s internet, but it’s a bad idea
- Namecheap boss goes nuclear on Russian customers
- Noss pressures bankers, lawyers over Russian oligarch links
- As Russia advances on Kyiv, .ua moves out-of-country
- Maybe now’s the time for ICANN to start dismantling the Soviet Union
- Cybersquatting cases down in .uk
- GoDaddy among five companies competing for .za contract
- Registrar hit with second porn UDRP breach notice this year
Architelos offers entry-level NameSentry
Kevin Murphy,
November 24, 2013, 11:45:58 (UTC),
Domain Services
New gTLD software provider Architelos has released a cheaper version of its flagship NameSentry security compliance tool.
NameSentry Lite strips out the automated workflow and mitigation components found in the original, leaving the core threat reports and statistics intact.
It’s designed for smaller TLDs that don’t expect to see a lot of malware or phishing in their zones and it’s priced starting at $139 a month for a TLD with under 5,000 domains under management.
That’s about $100 cheaper than the standard NameSentry, which is geared more towards mitigation and has monthly charges ranging from $249 to $3,999, depending on zone size.
Boutique gTLDs and large portfolio registries such as DotKiwi and Donuts are early customers of the more-expensive version.
Is Architelos the only company providing this kind of tool? I need something like this for my TLD, but it would be nice to see some other options.
I’m not aware of anyone else doing the workflow stuff, but DI PRO has TLD Health Check if it’s metrics you’re looking for.
Artemis / NCC Group Safe TLD service seems to be targeted to the new RA specs as well, but I couldn’t find something online about it.
Netcraft and Team Cymru also have commercial offerings that combined can fulfill the requirements, but combining can also be done on cheaper or free alternatives to build a DIY solution.
Rubens et al.
Netcraft is a great service and you can find more info on their anti-phishing service here http://www.netcraft.com/anti-phishing/
To be clear, NameSentry is different as it encompasses a wider range of abuse types (not just phishing, but also malware, botnets and even spam).
The NameSentry portal option includes automated mitigation workflows which can be customized to the abuse policies and procedures of any given gTLD or ccTLD. Lastly, our prices are posted on our website, as are the terms. A TLD can even choose a month to month option (so no long term contract or financial commitment).
So to compare – a DIY option would involve not only buying various datafeeds, (or standalone monitoring and analysis services for say phishing) for different abuse types, but also aggregating and normalizing the info, and then either doing notification and mitigation steps manually (so personnel in ops/customer service, or abuse analysts) or building and maintaining the system to automate mitigation steps and then document and archive an audit record. In terms of core competencies (and putting the issue of upfront and continued commitment of capital and HR resources aside) not every registry or registrar has the core competency to do this, and do it well enough to stake their contractual compliance on it.
So it is a question of what do you want to focus on and what should be outsourced.
Hope that helps
RA specs on this do not require specific accuracy levels, so contractual compliance is not that much of a risk in this regard. I can see reasons for either DIY or outsourcing considering the whole picture, including end-user perception and corporate social responsibility, but they are all carrots. No actual sticks here.
Thanks for this info. I’m running a single registrant, closed TLD and not expecting too many domains, so I just need whatever is considered compliant.
http://www.selectrealsecurity.com/public-block-lists and http://www.surbl.org/lists have lists of lists and getting thru those would already qualify as going thru reported threats. It needs to go somewhat beyond what is reported directly to the registry, but there is no actual service level or accuracy target on the agreement, so you don’t need to know all threats or try knowing an specified % of those.
The text in the agreement is very non-specific as can be seen below.
FYI
I have copied the specific Spec in the Registry Agreement below.
Specification 11 3.b:. “Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request.”