Re: KnujOn - Registrars
On Tuesday, February 17, 2009, 10:47:00 PM, Lindsay Haisley wrote: I'm alarmed at some of the stuff GoDaddy did, completely on their own without orders from ICANN. See http://www.nodaddy.com. I don't want the domain name registration system turned into a nanny-state tool. It would be, if it were the government doing it. GoDaddy is a business, and a business has a right not to do business with abusers of the Internet, including cybercriminals. Cybercriminals can and apparently do take their business elsewhere, so it's pretty difficult to meaningfully compare GoDaddy to government censorship. Really the problem is with the apparently irresponsible domain registrars at the top of the Knujon list who seem perfectly happy to sell hundreds of thousands of domains to apparent criminals. The proper forum through which to lodge complaints against registrars is the ICANN, and ICANN needs to be held accountable for a _lot_ of strange stuff. It's a zoo out there! As much as I would like ICANN to do much more to fight abuse, ICANN really can't police the Internet. They don't route the networks, host the sites, pass the traffic, host the domain zone files, run everyone's mail servers, etc. It would be a bit like asking the registrar of voters to stop political corruption. The outright criminal ISPs and registrars (like Estdomains, Intercage, McColo, etc.) need to be kicked off the Internet, and the non-criminal ISPs and registrars need to do much more to stop abuse of their services and networks. Jeff C. -- Jeff Chan mailto:je...@surbl.org http://www.surbl.org/
Re: KnujOn - Registrars
From: Karsten Bräckelmann guent...@rudersport.de Sent: Monday, 2009, February 16 15:22 Here is a list of last years, and this years spam by registrar (joker was given a L.A.R.T. by ICANN it looks like and isn't on the second list) http://www.knujon.com/registrars/ The 10 Worst Registrars in terms of spam advertised junk product sites and compliance failure *snip* That's previous years' list, May 2008. The recent list as of Feb 2009 is the first one. (Just in case someone else understands your post like I did, and has a look at the wrong list quoted.) From their site: In May of 2008 KnujOn released a controversial report highlighting Registrars that have a concentration spam, abuse and illicit activity. The report, and follow activity, had a profound and lasting effect on the Registrar world and Internet abuse. We are refreshing this report with data collected after June, 2008 to examine changes. One thing that has not changed is the fact that most abuse is concentrated at a minority of providers. The 83% is a current number with data collected AFTER June 2008. {^_^}
Re: KnujOn - Registrars
On Tue, 2009-02-17 at 00:02 -0800, jdow wrote: http://www.knujon.com/registrars/ The 10 Worst Registrars in terms of spam advertised junk product sites and compliance failure *snip* That's previous years' list, May 2008. The recent list as of Feb 2009 is the first one. (Just in case someone else understands your post like I did, and has a look at the wrong list quoted.) The 83% is a current number with data collected AFTER June 2008. True. So what? The list Michael posted (which I snipped) shows the old data collected BEFORE June 2008. The link referenced does have the recent stats. The OP does not. -- char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: KnujOn - Registrars
On Tue, 2009-02-17 at 17:44 +0100, Karsten Bräckelmann wrote: The recent list as of Feb 2009 is the first one. (Just in case someone else understands your post like I did, and has a look at the wrong list quoted.) The 83% is a current number with data collected AFTER June 2008. True. So what? The list Michael posted (which I snipped) shows the old data collected BEFORE June 2008. The link referenced does have the recent stats. The OP does not. I have very mixed reaction to having name registrars enforce anti-spamming regs and laws. This is kind of like sanctioning a gun shop because someone bought a gun there and used it in a robbery. GoDaddy caught a _lot_ of flack recently for shutting down domain names based on website content, and rightly so, IMHO. This is a very slippery slope. Sanction the operators of the designated name servers, maybe, or the systems which host the accounts which do the spam distribution, but coming down on registrars seems rather big-brotherish. Once a name is registered, it's on the root name servers and all the registrar does is maintain it in their whois database, although they do have the authority to disable a name for which they're the registrar of record. I'm as offended by spam to me and my customers as anyone, but I'm also a big proponent of open source and net neutrality, and like to see pressure applied where the actual functional responsibility for a mis-deed lies. -- Lindsay Haisley | Everything works|Accredited FMP Computer Services | if you let it | by the 512-259-1190 |(The Roadie) | Austin Better http://www.fmp.com| | Business Bureau
Re: KnujOn - Registrars
From: Lindsay Haisley fmo...@fmp.com Sent: Tuesday, 2009, February 17 09:47 On Tue, 2009-02-17 at 17:44 +0100, Karsten Bräckelmann wrote: The recent list as of Feb 2009 is the first one. (Just in case someone else understands your post like I did, and has a look at the wrong list quoted.) The 83% is a current number with data collected AFTER June 2008. True. So what? The list Michael posted (which I snipped) shows the old data collected BEFORE June 2008. The link referenced does have the recent stats. The OP does not. I have very mixed reaction to having name registrars enforce anti-spamming regs and laws. This is kind of like sanctioning a gun shop because someone bought a gun there and used it in a robbery. GoDaddy caught a _lot_ of flack recently for shutting down domain names based on website content, and rightly so, IMHO. This is a very slippery slope. Sanction the operators of the designated name servers, maybe, or the systems which host the accounts which do the spam distribution, but coming down on registrars seems rather big-brotherish. Once a name is registered, it's on the root name servers and all the registrar does is maintain it in their whois database, although they do have the authority to disable a name for which they're the registrar of record. I'm as offended by spam to me and my customers as anyone, but I'm also a big proponent of open source and net neutrality, and like to see pressure applied where the actual functional responsibility for a mis-deed lies. Lindsay, with due respect I think your opinion above is incomplete. It's correct as far as it goes. But once a fertilizer dealer learns that a customer is making bombs and setting them off in shopping malls I'd expect the dealer to cease selling to that customer or be indicted as a co-conspirator. I would expect the same behavior on the part of YouTube for illegal videos, Slashdot for illegal content (egregious copyright violation), and registrars for aiding identified spammers. I would expect all those who need to be in the supply path for a misdeed to work to remove themselves from that supply path upon proper notification. I would NOT expect them to be proactive in this regard. Reactive is fine and proper. {^_^} Joanne
Re: KnujOn - Registrars
Well, perhaps so Joanne. Registrars are bound by the rules laid out by ICANN, and ICANN requires legitimate contact information in the whois database, along with other procedures. The problem with ICANN is that it's pretty well fubar these days and does horrible stuff. I wouldn't be surprised if they'd take money from spammers. I know they're in bed with the major players in the domain name business at the expense of the little folken. I'm alarmed at some of the stuff GoDaddy did, completely on their own without orders from ICANN. See http://www.nodaddy.com. I don't want the domain name registration system turned into a nanny-state tool. The proper forum through which to lodge complaints against registrars is the ICANN, and ICANN needs to be held accountable for a _lot_ of strange stuff. It's a zoo out there! On Tue, 2009-02-17 at 20:25 -0800, jdow wrote: From: Lindsay Haisley fmo...@fmp.com Sent: Tuesday, 2009, February 17 09:47 On Tue, 2009-02-17 at 17:44 +0100, Karsten Bräckelmann wrote: The recent list as of Feb 2009 is the first one. (Just in case someone else understands your post like I did, and has a look at the wrong list quoted.) The 83% is a current number with data collected AFTER June 2008. True. So what? The list Michael posted (which I snipped) shows the old data collected BEFORE June 2008. The link referenced does have the recent stats. The OP does not. I have very mixed reaction to having name registrars enforce anti-spamming regs and laws. This is kind of like sanctioning a gun shop because someone bought a gun there and used it in a robbery. GoDaddy caught a _lot_ of flack recently for shutting down domain names based on website content, and rightly so, IMHO. This is a very slippery slope. Sanction the operators of the designated name servers, maybe, or the systems which host the accounts which do the spam distribution, but coming down on registrars seems rather big-brotherish. Once a name is registered, it's on the root name servers and all the registrar does is maintain it in their whois database, although they do have the authority to disable a name for which they're the registrar of record. I'm as offended by spam to me and my customers as anyone, but I'm also a big proponent of open source and net neutrality, and like to see pressure applied where the actual functional responsibility for a mis-deed lies. Lindsay, with due respect I think your opinion above is incomplete. It's correct as far as it goes. But once a fertilizer dealer learns that a customer is making bombs and setting them off in shopping malls I'd expect the dealer to cease selling to that customer or be indicted as a co-conspirator. I would expect the same behavior on the part of YouTube for illegal videos, Slashdot for illegal content (egregious copyright violation), and registrars for aiding identified spammers. I would expect all those who need to be in the supply path for a misdeed to work to remove themselves from that supply path upon proper notification. I would NOT expect them to be proactive in this regard. Reactive is fine and proper. {^_^} Joanne -- Lindsay Haisley | Everything works|Accredited FMP Computer Services | if you let it | by the 512-259-1190 |(The Roadie) | Austin Better http://www.fmp.com| | Business Bureau
KnujOn - Registrars
just found this... I know we have a couple tests for some registrars, but seems we missed 'the big guy'. Here is a list of last years, and this years spam by registrar (joker was given a L.A.R.T. by ICANN it looks like and isn't on the second list) http://www.knujon.com/registrars/ The 10 Worst Registrars in terms of spam advertised junk product sites and compliance failure 1. Xinnet Bei Gong Da Software 2. BEIJING Networks 3. Todaynic 4. Joker 5. eNom, Inc. 6. MONIKER 7. Dynamic Dolphin 8. The Nameit Co/AITDOMAINS.COM 9. PDR 10. Intercosmos/DIRECTNIC -- Michael Scheidell, CTO Phone: 561-999-5000, x 1259 *| *SECNAP Network Security Corporation * Certified SNORT Integrator * King of Spam Filters, SC Magazine 2008 * Information Security Award 2008, Info Security Products Guide * CRN Magazine Top 40 Emerging Security Vendors * Finalist 2009 Network Products Guide Hot Companies _ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ _
Re: KnujOn - Registrars
Here is a list of last years, and this years spam by registrar (joker was given a L.A.R.T. by ICANN it looks like and isn't on the second list) http://www.knujon.com/registrars/ The 10 Worst Registrars in terms of spam advertised junk product sites and compliance failure *snip* That's previous years' list, May 2008. The recent list as of Feb 2009 is the first one. (Just in case someone else understands your post like I did, and has a look at the wrong list quoted.) -- char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}