Feeds

The aftermath of a domain name hijack

Panix picks up the pieces

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

The industry needs to find a way to establish stronger trust in registrars if it is to avoid a repeat of last weekend's hijacking of the Panix.com domain name, says Alexis Rosen, Panix president.

He sees a problem in a system where so many entities are able to act as registrars, when that same system bases its stability on registrars being trustworthy. He argues that unless that trust can be strengthened, stronger penalties are needed for those who violate it.

New York based ISP Panix.com was the victim of a domain name hijack last weekend when Australian registrar Melbourne IT failed to properly confirm a transfer request for the domain name. The registrar says the loophole that caused the problem has been closed, now.

The rules governing domain name transfers were changed last November, in an effort to simplify a very bureaucratic process. However, some in the industry warned that the new rules - under which the domain owner must intervene within five days to stop an inter-registry transfer request - would make it easier for people to hijack domains.

Rosen suspects that the Panix.com name was hijacked to make just that point, but says there are other possible motives too. "Several have been suggested. I don't find any of them much more strongly compelling than the others."

So far, he says, the following scenarios seem plausible: that it was an attempt to hurt Panix - "We've made many enemies in the black-hat community over the years"; that it was an attempt to point out problems in the domain transfer process; it was done for publicity, and so serve as a warning to others, or that it was for direct financial gain.

This last possibility is become less likely as time passes: "Nobody's written to threaten us with another transfer if we don't pay up, or anything like that," Rosen says.

But how to stop it happening again? "This is an incredibly difficult subject, because certain operational requirements must be met," Rosen says. "But political interests control the process."

This is something of an understatement. Trying to persuade anyone to take final responsibility for the domain name system and domain name registration is a bit like trying to persuade Microsoft to show us a bit of source code. A system designed by consensus does not lend itself to top-down regulation.

Network Solutions has locked its customers' domain names, which means they need to approve any transfer requests. There have been suggestions that Panix's domain was locked, but that it was transferred anyway. Rosen says he is investigating this still, and doesn't have all the information he needs, yet.

As for Melbourne IT's statement on the hijack, he says it is a reasonably accurate reflection of his own assessment. But he would have appreciated an apology:

"I have no argument with it, except for the way he so carefully distances himself and MelbourneIT from it even while eventually admitting culpability. It takes an entire large paragraph to do that, and not once do we see 'We were responsible', much less 'We're sorry'. I think the thousands of people involved would have liked to see some sort of apology."

Apologies aside, Rosen says Panix's priorities right now are to deal with customer queries, try to straighten out the perception of what actually happened, and to "work with law enforcement agencies to try to catch the people responsible". ®

Related stories

Panix.com hijack: Aussie firm shoulders blame
Panix recovers from domain hijack
ICANN goes domain crazy
ICANN selects its wardens
ICANN pitches the internet's future

Combat fraud and increase customer satisfaction

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.