Feeds

The aftermath of a domain name hijack

Panix picks up the pieces

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

The industry needs to find a way to establish stronger trust in registrars if it is to avoid a repeat of last weekend's hijacking of the Panix.com domain name, says Alexis Rosen, Panix president.

He sees a problem in a system where so many entities are able to act as registrars, when that same system bases its stability on registrars being trustworthy. He argues that unless that trust can be strengthened, stronger penalties are needed for those who violate it.

New York based ISP Panix.com was the victim of a domain name hijack last weekend when Australian registrar Melbourne IT failed to properly confirm a transfer request for the domain name. The registrar says the loophole that caused the problem has been closed, now.

The rules governing domain name transfers were changed last November, in an effort to simplify a very bureaucratic process. However, some in the industry warned that the new rules - under which the domain owner must intervene within five days to stop an inter-registry transfer request - would make it easier for people to hijack domains.

Rosen suspects that the Panix.com name was hijacked to make just that point, but says there are other possible motives too. "Several have been suggested. I don't find any of them much more strongly compelling than the others."

So far, he says, the following scenarios seem plausible: that it was an attempt to hurt Panix - "We've made many enemies in the black-hat community over the years"; that it was an attempt to point out problems in the domain transfer process; it was done for publicity, and so serve as a warning to others, or that it was for direct financial gain.

This last possibility is become less likely as time passes: "Nobody's written to threaten us with another transfer if we don't pay up, or anything like that," Rosen says.

But how to stop it happening again? "This is an incredibly difficult subject, because certain operational requirements must be met," Rosen says. "But political interests control the process."

This is something of an understatement. Trying to persuade anyone to take final responsibility for the domain name system and domain name registration is a bit like trying to persuade Microsoft to show us a bit of source code. A system designed by consensus does not lend itself to top-down regulation.

Network Solutions has locked its customers' domain names, which means they need to approve any transfer requests. There have been suggestions that Panix's domain was locked, but that it was transferred anyway. Rosen says he is investigating this still, and doesn't have all the information he needs, yet.

As for Melbourne IT's statement on the hijack, he says it is a reasonably accurate reflection of his own assessment. But he would have appreciated an apology:

"I have no argument with it, except for the way he so carefully distances himself and MelbourneIT from it even while eventually admitting culpability. It takes an entire large paragraph to do that, and not once do we see 'We were responsible', much less 'We're sorry'. I think the thousands of people involved would have liked to see some sort of apology."

Apologies aside, Rosen says Panix's priorities right now are to deal with customer queries, try to straighten out the perception of what actually happened, and to "work with law enforcement agencies to try to catch the people responsible". ®

Related stories

Panix.com hijack: Aussie firm shoulders blame
Panix recovers from domain hijack
ICANN goes domain crazy
ICANN selects its wardens
ICANN pitches the internet's future

High performance access to file storage

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T dangles gigabit broadband plans over 100 US cities
So soon after a mulled Google Fiber expansion, fancy that
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
Turnbull gave NBN Co NO RULES to plan blackspot upgrades
NBN Co faces huge future Telstra bills and reduces fibre footprint
NBN Co plans fibre-to-the-basement blitz to beat cherry-pickers
Heading off at the pass operation given same priority as blackspot fixing
NBN Co in 'broadband kit we tested worked' STUNNER
Announcement of VDSL trial is not proof of concept for fibre-to-the-node
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.