funsec mailing list archives
RE: myspace makes GoDaddy take out Fyodor
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Fri, 26 Jan 2007 10:31:17 -0500
As an aside, using the DNS system to censor Web sites is sometimes necessary. Back in 2004, a number of folks and myself investigated a piece of malware that turned people's home computers into Web proxy servers in order to host porn and phishing Web sites. Every 10 minutes, DNS records would get updated to move a Web site from one home computer to another. The goal was to make it hard to shut down the Web sites. I tried to get the domain registration company to turn off the domain names being used by the scammers, but had no luck. The system was finally shut down when analysis of the malware showed that a master host system at Everyone's Internet was running the whole show. Turning off the master killed the network of scam Web sites. Had the scammers moved the master system around to other hijacked home computers, the DNS system might have been the only way to turn off the scam network. Richard -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Fyodor Sent: Friday, January 26, 2007 1:42 AM To: Nick FitzGerald Cc: FunSec LList Subject: Re: [funsec] myspace makes GoDaddy take out Fyodor On Fri, Jan 26, 2007 at 04:48:58PM +1300, Nick FitzGerald wrote:
Blue Boar wrote: I guess, as a customer, maybe that's what you should expect from a $8.95/yr/.com registrar??
$10 per domain-year adds up. Last month I did a bunch of multi-year renewals and paid GoDaddy well over $1,000. But I don't think their shutdown policy should be based on how much a customer pays.
Their margins are pretty thin so they won't invest much effort in defending you (as a customer) against a "big" complaint from a big complainer.
I don't expect them to invest much effort. They should have just told MySpace to email/call/sue the registrant (Insecure.Com LLC) and/or contact our ISP. Our phone number and email address are in whois and all over the site. It is not the registrar's job to police the content of our web sites. And even if they do suspend a domain, the web content is still available to anyone who knows the IP, has the DNS record cached, or access the site through a different domain name. So contacting the hosting provider or ISP can be more effective. If Myspace had presented GoDaddy with a court order to remove the domain record, that would be different. But GoDaddy should have just bounced this complaint to us rather than suspending our domain with no warning or reason given. Cheers, Fyodor _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- myspace makes GoDaddy take out Fyodor Blue Boar (Jan 25)
- Re: myspace makes GoDaddy take out Fyodor Nick FitzGerald (Jan 25)
- Re: myspace makes GoDaddy take out Fyodor Fyodor (Jan 25)
- RE: myspace makes GoDaddy take out Fyodor Richard M. Smith (Jan 26)
- RE: myspace makes GoDaddy take out Fyodor Larry Seltzer (Jan 26)
- Re: myspace makes GoDaddy take out Fyodor crazy frog crazy frog (Feb 01)
- Re: myspace makes GoDaddy take out Fyodor Fyodor (Jan 25)
- Re: myspace makes GoDaddy take out Fyodor Nick FitzGerald (Jan 25)
- <Possible follow-ups>
- Re: myspace makes GoDaddy take out Fyodor Juha-Matti Laurio (Feb 02)