Violet... (and the rest of the Security-Basics readers) I spoke with a manager over at NetSol and they gave me a suggestion. So long as you don't need to make frequent changes to your DNS information regarding where your site is residing, you can set up a locked down registration with NetSol. Basically, you send in a fax on company letterhead, signed by either Pres, VP, CEO, CTO, etc. stating you want to "lockdown" your domain name. Then, the only way to have changes posted to your NIC handle or domain is to first "unlock" the domain with another fax authorization. Then, the administrative or technical contacts can make changes again through the normal NetSol avenues (mail-from, PGP, etc). It is a somewhat painstaking process if you plan on making frequent changes with your domain.
Basically, this is just one of the many things I have done to protect my domain since the event took place. So far the perpetrator's ISP and hosting company have shut him down based upon the strengths of my e-mails to them. You have to love the flexibility of whois queries and the vast information they can provide (assuming the data is not falsified). I'm also lucky that the perpetrator e-mailed me directly and I was able to pull information from his mail headers. So there you have it. I hope this works for you as well as I hope it will work for me! Also, if you come across other solutions in your dealing with NetSol, I'd love if you could share them with me in the future. Good luck! Bejon BTW...Having a whois client app/utility around on your network is a very nice thing. It's built in with most flavors of *nix, but there are free clients for win32 online. Check out www.download.com for a few. -----Original Message----- From: VioletWork [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 2:55 PM To: [EMAIL PROTECTED]; Security-Basics (E-mail) Subject: Re: Web Pilfering Hey Bejon If you figure this out, let me know as I have MAJOR issues with NetSucks (sol) who let this kind of pilfering go on! It has happened to me too. /Violet Weed Director Roo Networks Scotts Valley, CA ----- Original Message ----- From: "Bejon Parsinia" <[EMAIL PROTECTED]> To: "Security-Basics (E-mail)" <[EMAIL PROTECTED]> Sent: Tuesday, February 19, 2002 11:18 AM Subject: Web Pilfering Good day all, I was wondering if anyone knew of online agencies (other than NetSol and other domain registrants) where I can report someone's attempt to pilfer and steal my domain name? Someone has already suggested I go straight to the FBI on this, but that seems a bit extreme to me. Please let me know if you feel I am wrong, or if you can suggest other adequate and resolute avenues for this incident. Just so you know what information I have on file, I have a web url that they have used to recreate my hosting provider's "look and feel" with, the whois information for the domain they used, e-mail header information including IP addresses and domain names, 2 false change requests from our internet registrant, and approximately 4 e-mails from the perpetrator of this event attempting to lure us into supplying them with pertinent information. Thank you greatly for any assistance you provide. Sincerely, Bejon Parsinia