Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Register.com suffers further DOS attack

From: David Farber <dave () farber net>
Date: Fri, 3 Apr 2009 18:47:35 -0400


Begin forwarded message:

From: Ross Rader <ross () tucows com>
Date: April 3, 2009 1:03:04 PM EDT
To: dave () farber net
Cc: "ip" <ip () v2 listbox com>
Subject: Re: [IP] Re:    Register.com suffers further DOS attack
I am as well surprised this hasn't been covered more. This has caused serious downtime to a number of medical ASP solutions that I am aware of effecting operations at some of the East Coasts most well recognized hospitals.
Ultimately this issue shows how truly vulnerable the Internet is. We were all sitting around waiting for a "worm" to cause trouble on April 1st; this issue takes the cake. 


Greetings David - (please feel free to share this with IP if you wish)
The Register.com outage doesn't show that the Internet is vulnerable - it shows how readily people put all their eggs in one basket. Domain sellers make it very easy for purchasers of Internet services to create central points of failure for themselves based on how these services are sold and used. 

(obDisclaimer: I work for a registrar)
DNS resolution, Hosting and Domain Registration are all separate technical functions.
Register.com, and most other registrars, most commonly sell bundles of services and add-ons that will help their customers "light up" their domain registration with DNS and other Internet services. However, there is no requirement for these services are sold, or used in this matter. This is an artifact of the market, of convenience, and not one of technical necessity (or ICANN regulation).
Register.com is only a single point of failure if you let them be. It is trivial to use a registrar simply for registering names, using another provider to operate your DNS, a third for your website hosting and a fourth for your email services (or doing those last three yourself - which I admit is a fairly complex endeavor, probably more than what most folks are equipped to pick up themselves).
A thoroughly disintegrated Internet service strategy means that the failure of your registrar should only prevent you from updating your Whois record.
I'm a big believer that at the very least, domain owners should separate the operation of their technical hosting from their domain registration and resolution. At a minimum, this will help them minimize any issues they might have choosing a new provider for their hosting services if that provider turns out to be a dud, which in today's market, is all too common (a topic for another post, but it is difficult for a company to provide 'all-you-can-eat hosting" for $2.99/ yr and properly support those customers). At the very least, if your domain services are separate, you can find a new host quickly, re- upload your content and be back online in hours without having to figure out how to get your hold host provider to stop holding your domain name hostage. 


best,


Ross Rader
General Manager, Hover
t. 416.538.5492

The Easiest Way To Buy and Use Your Domain Names
http://www.hover.com

Check out our blog at: http://stuff.hover.com
Hover on Twitter: http://about.hover.com/twitter

Check my availability at:
http://rossrader.com/available


..sent from my phone





-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: