ICANN ICANN Email List Archives

[gnso-ff-pdp-may08]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [gnso-ff-pdp-may08] Re: [ntfy-gnso-ff-pdp-may08] FW: example: using fast-flux to escape censorship

  • To: Marc Perkel <marc@xxxxxxxxxx>, Glen de Saint Géry <Glen@xxxxxxxxx>
  • Subject: Re: [gnso-ff-pdp-may08] Re: [ntfy-gnso-ff-pdp-may08] FW: example: using fast-flux to escape censorship
  • From: Philip Lodico <phil.lodico@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 15 Jul 2008 18:25:17 -0400

Playing devils advocate a bit - With ICANN being a global organization, and
if ICANN is considering potential action on fast-flux, wouldn¹t the Chinese
representatives not want a tool that bypasses their government policies?
They might argue that this is not ³legitimate² use.



On 7/15/08 5:51 PM, "Marc Perkel" <marc@xxxxxxxxxx> wrote:

> OK - so if there is a legitimate used for fast flux then that kills the
> solution to restrict name server TTLs to higher values because if we do then
> we can't circumvent Chinese censorship. Wouldn't we have to allow some people
> to fast flux and not others?
> 
> Glen de Saint Géry wrote:
>>  
>> Posted on behalf of Greg Aaron
>> Subject: example: using fast-flux to escape censorship
>> 
>> Dear group:
>>   
>>  
>>>  
>>> I'm posting this to the private list because it
>>> is more suitable for group members' eyes only for confidentiality purposes.
>>> 
>>> Wendy, Dave, and Eric have each touched on
>>> whether there may be legitimate uses of
>>> fast-flux hosting by entities that use it to
>>> escape censorship.  Let's examine a real-world
>>> example to see if it fits.  Below are query
>>> results for a real domain.  The TTL is 60, and
>>> the IPs are being changed rapidly and are
>>> globally distributed on multiple ASNs.  It
>>> therefore seems to meet the definition of fast-flux.
>>> 
>>> The registrant is an entity called Domain
>>> UltraReach.  Domain UltraReach says it offers a
>>> proxy service designed to allow Web users to
>>> circumvent Chinese government Internet censorship.
>>> <
>>> <http://www.ultrareach.com/company/aboutus.htm>http://www.ultrareach.com/com
>>> pany/aboutus.htm
>>>     
>>>  
>>> Domain UltraReach operates multiple such fluxy domain names besides the
>>> below.
>>> 
>>> So, what do we have here?
>>> 
>>> Domain Query / Query timestamp / name server / IP result / AS
>>> AVONMPRODUCTS.INFO 2008-06-03 20:26
>>> ns1.AVONMPRODUCTS.INFO 204.0.5.32 NTT-COMMUNICATIONS-2914 - NTT America,
>>> Inc.
>>> AVONMPRODUCTS.INFO 2008-06-03 20:26
>>> ns1.AVONMPRODUCTS.INFO 204.252.142.121 UUNET -
>>> MCI Communications Services, Inc. d/b/a Verizon Business
>>> AVONMPRODUCTS.INFO 2008-06-03 20:26
>>> ns1.AVONMPRODUCTS.INFO 204.223.32.233
>>> PENS-NET-AS - Navy Network Information Center (NNIC)
>>> AVONMPRODUCTS.INFO 2008-06-03 20:26
>>> ns2.AVONMPRODUCTS.INFO 64.151.115.197 SERVEPATH - ServePath, LLC
>>> AVONMPRODUCTS.INFO 2008-06-03 20:26
>>> ns2.AVONMPRODUCTS.INFO 64.196.254.49 MCLEOD - McLeod, Inc.
>>> AVONMPRODUCTS.INFO 2008-06-03 20:26
>>> ns2.AVONMPRODUCTS.INFO 64.4.109.127 NTELOSINC - Ntelos Inc.
>>> AVONMPRODUCTS.INFO 2008-06-03 18:51
>>> ns1.AVONMPRODUCTS.INFO 221.192.149.102
>>> CHINA169-BACKBONE CNCGROUP China169 Backbone
>>> AVONMPRODUCTS.INFO 2008-06-03 18:51
>>> ns1.AVONMPRODUCTS.INFO 221.234.155.122 CHINANET-BACKBONE No.31,Jin-rong
>>> Street
>>> AVONMPRODUCTS.INFO 2008-06-03 18:51
>>> ns1.AVONMPRODUCTS.INFO 221.141.216.67 HANARO-AS Hanaro Telecom Inc.
>>> AVONMPRODUCTS.INFO 2008-06-03 18:51
>>> ns2.AVONMPRODUCTS.INFO 194.67.57.226 SOVAM-AS Golden Telecom, Moscow, Russia
>>> AVONMPRODUCTS.INFO 2008-06-03 18:51 ns2.AVONMPRODUCTS.INFO 194.13.52.50
>>> AVONMPRODUCTS.INFO 2008-06-03 18:51
>>> ns2.AVONMPRODUCTS.INFO 194.121.16.127 KPN KPN Internet Backbone AS
>>> AVONMPRODUCTS.INFO 2008-06-03 17:17
>>> ns1.AVONMPRODUCTS.INFO 212.129.63.31 SKYROCK Skyrock content delivery
>>> network
>>> AVONMPRODUCTS.INFO 2008-06-03 17:17
>>> ns1.AVONMPRODUCTS.INFO 212.105.133.231 Euronext
>>> AVONMPRODUCTS.INFO 2008-06-03 17:17
>>> ns1.AVONMPRODUCTS.INFO 212.230.244.4 AS15704 Xtratelecom Spain AS
>>> AVONMPRODUCTS.INFO 2008-06-03 17:17
>>> ns2.AVONMPRODUCTS.INFO 219.239.94.45 DXTNET
>>> Beijing Dian-Xin-Tong Network Technologies Co., Ltd.
>>> AVONMPRODUCTS.INFO 2008-06-03 17:17
>>> ns2.AVONMPRODUCTS.INFO 219.10.51.50 GIGAINFRA BB TECHNOLOGY Corp.
>>> AVONMPRODUCTS.INFO 2008-06-03 17:17
>>> ns2.AVONMPRODUCTS.INFO 219.98.11.127 SO-NET So-net Entertainment Corporation
>>> AVONMPRODUCTS.INFO 2008-06-03 09:41
>>> ns1.AVONMPRODUCTS.INFO 79.170.89.4 XL-AS XL Network
>>> AVONMPRODUCTS.INFO 2008-06-03 09:41 ns1.AVONMPRODUCTS.INFO 79.44.193.230
>>> AVONMPRODUCTS.INFO 2008-06-03 09:41
>>> ns1.AVONMPRODUCTS.INFO 79.219.201.4 DTAG Deutsche Telekom AG
>>> AVONMPRODUCTS.INFO 2008-06-03 09:41
>>> ns2.AVONMPRODUCTS.INFO 212.27.48.10 PROXAD AS for Proxad/Free ISP
>>> AVONMPRODUCTS.INFO 2008-06-03 09:41
>>> ns2.AVONMPRODUCTS.INFO 212.222.48.229 INTEROUTE Interoute Communications Ltd
>>> AVONMPRODUCTS.INFO 2008-06-03 09:41
>>> ns2.AVONMPRODUCTS.INFO 212.123.105.4 IP-EXCHANGE IP Exchange GmbH
>>> AVONMPRODUCTS.INFO 2008-06-03 07:13
>>> ns1.AVONMPRODUCTS.INFO 209.17.70.11 PHOTOBUCKET - PHOTOBUCKET.COM, INC.
>>> AVONMPRODUCTS.INFO 2008-06-03 07:13
>>> ns1.AVONMPRODUCTS.INFO 209.71.142.194 VOICENET - Voicenet
>>> AVONMPRODUCTS.INFO 2008-06-03 07:13
>>> ns1.AVONMPRODUCTS.INFO 209.66.40.124 JERSEY - InterActive Network Services
>>> AVONMPRODUCTS.INFO 2008-06-03 07:13
>>> ns2.AVONMPRODUCTS.INFO 65.214.39.56 WAN - Worldcom Advance Networks
>>> AVONMPRODUCTS.INFO 2008-06-03 07:13
>>> ns2.AVONMPRODUCTS.INFO 65.88.255.172 LVLT-8043 - Level 3 Communications,
>>> Inc.
>>> AVONMPRODUCTS.INFO 2008-06-03 07:13
>>> ns2.AVONMPRODUCTS.INFO 65.77.20.79 ETHERN -
>>> Global Communications INTERNETworking Corp.
>>> AVONMPRODUCTS.INFO 2008-06-03 04:46
>>> ns1.AVONMPRODUCTS.INFO 38.99.77.80 EZRI-36323 - Ezri Inc
>>> AVONMPRODUCTS.INFO 2008-06-03 04:46
>>> ns1.AVONMPRODUCTS.INFO 38.180.8.183 COGENT Cogent/PSI
>>> AVONMPRODUCTS.INFO 2008-06-03 04:46
>>> ns1.AVONMPRODUCTS.INFO 38.172.214.108 COGENT Cogent/PSI
>>> AVONMPRODUCTS.INFO 2008-06-03 04:46
>>> ns2.AVONMPRODUCTS.INFO 198.172.81.21
>>> NTT-COMMUNICATIONS-2914 - NTT America, Inc.
>>> AVONMPRODUCTS.INFO 2008-06-03 04:46
>>> ns2.AVONMPRODUCTS.INFO 198.85.245.171 NCREN - MCNC
>>> AVONMPRODUCTS.INFO 2008-06-03 04:46
>>> ns2.AVONMPRODUCTS.INFO 198.94.171.227 LEVEL3 Level 3 Communications
>>> AVONMPRODUCTS.INFO 2008-06-03 02:26
>>> ns1.AVONMPRODUCTS.INFO 193.33.59.200 GRONO-AS grono.net
>>> AVONMPRODUCTS.INFO 2008-06-03 02:26
>>> ns1.AVONMPRODUCTS.INFO 193.6.168.165 HBONE-AS HUNGARNET
>>> AVONMPRODUCTS.INFO 2008-06-03 02:26
>>> ns1.AVONMPRODUCTS.INFO 193.248.13.227 AS3215 France Telecom - Orange
>>> AVONMPRODUCTS.INFO 2008-06-03 02:26
>>> ns2.AVONMPRODUCTS.INFO 63.99.250.195 WAN - Worldcom Advance Networks
>>> AVONMPRODUCTS.INFO 2008-06-03 02:26
>>> ns2.AVONMPRODUCTS.INFO 63.88.39.116 UUNET - MCI
>>> Communications Services, Inc. d/b/a Verizon Business
>>> AVONMPRODUCTS.INFO 2008-06-03 02:26
>>> ns2.AVONMPRODUCTS.INFO 63.11.31.2 UUNET - MCI
>>> Communications Services, Inc. d/b/a Verizon Business
>>> AVONMPRODUCTS.INFO 2008-06-03 00:11
>>> ns1.AVONMPRODUCTS.INFO 85.17.132.149 LEASEWEB LEASEWEB AS
>>> AVONMPRODUCTS.INFO 2008-06-03 00:11
>>> ns1.AVONMPRODUCTS.INFO 85.187.85.229 B-NET BiConsult Eood
>>> AVONMPRODUCTS.INFO 2008-06-03 00:11
>>> ns1.AVONMPRODUCTS.INFO 85.237.255.4 ORANGE SLOVENSKO Autonomous system
>>> AVONMPRODUCTS.INFO 2008-06-03 00:11
>>> ns2.AVONMPRODUCTS.INFO 15.201.49.22 HP-DIGITAL-10782 - Hewlett-Packard
>>> Company
>>> AVONMPRODUCTS.INFO 2008-06-03 00:11
>>> ns2.AVONMPRODUCTS.INFO 15.200.102.165
>>> TELSTRA-AS-AP Telstra International HK Limited
>>> AVONMPRODUCTS.INFO 2008-06-03 00:11
>>> ns2.AVONMPRODUCTS.INFO 15.54.195.227 HP-INTERNET-AS Hewlett-Packard Company
>>> AVONMPRODUCTS.INFO 2008-06-02 21:59
>>> ns1.AVONMPRODUCTS.INFO 201.7.178.45 TV GLOBO LTDA
>>> AVONMPRODUCTS.INFO 2008-06-02 21:59
>>> ns1.AVONMPRODUCTS.INFO 201.213.120.166 Prima S.A.
>>> AVONMPRODUCTS.INFO 2008-06-02 21:59
>>> ns1.AVONMPRODUCTS.INFO 201.48.105.79 Companhia
>>> de Telecomunicacoes do Brasil Central
>>> AVONMPRODUCTS.INFO 2008-06-02 21:59
>>> ns2.AVONMPRODUCTS.INFO 66.70.92.80 DATAPIPE - DataPipe
>>> AVONMPRODUCTS.INFO 2008-06-02 21:59
>>> ns2.AVONMPRODUCTS.INFO 66.246.26.231 NET-ACCESS-CORP - Net Access
>>> Corporation
>>> AVONMPRODUCTS.INFO 2008-06-02 21:59
>>> ns2.AVONMPRODUCTS.INFO 66.125.111.4 SBIS-AS - AT&T Internet Services
>>> AVONMPRODUCTS.INFO 2008-06-02 19:47
>>> ns1.AVONMPRODUCTS.INFO 199.89.199.26 MATTEL - Mattel, Inc.
>>> AVONMPRODUCTS.INFO 2008-06-02 19:47
>>> ns1.AVONMPRODUCTS.INFO 199.217.173.127
>>> NTT-COMMUNICATIONS-2914 - NTT America, Inc.
>>> AVONMPRODUCTS.INFO 2008-06-02 19:47 ns1.AVONMPRODUCTS.INFO 199.7.82.67
>>> AVONMPRODUCTS.INFO 2008-06-02 19:47
>>> ns2.AVONMPRODUCTS.INFO 212.48.10.150 MATRIX-AS Matrix S.p.A.
>>> AVONMPRODUCTS.INFO 2008-06-02 19:47
>>> ns2.AVONMPRODUCTS.INFO 212.121.2.112 JANET The JANET IP Service
>>> AVONMPRODUCTS.INFO 2008-06-02 19:47
>>> ns2.AVONMPRODUCTS.INFO 212.23.66.67 Ural Relcom Ltd.
>>> AVONMPRODUCTS.INFO 2008-06-02 17:48
>>> ns1.AVONMPRODUCTS.INFO 66.135.200.146 EBAY - eBay, Inc
>>> AVONMPRODUCTS.INFO 2008-06-02 17:48
>>> ns1.AVONMPRODUCTS.INFO 66.70.35.110 DATAPIPE - DataPipe
>>> AVONMPRODUCTS.INFO 2008-06-02 17:48
>>> ns1.AVONMPRODUCTS.INFO 66.228.240.2 PRMTC - Park Region Mutual Telephone Co
>>> AVONMPRODUCTS.INFO 2008-06-02 17:48
>>> ns2.AVONMPRODUCTS.INFO 60.12.228.40
>>> CHINA169-BACKBONE CNCGROUP China169 Backbone
>>> AVONMPRODUCTS.INFO 2008-06-02 17:48
>>> ns2.AVONMPRODUCTS.INFO 60.148.167.56 GIGAINFRA BB TECHNOLOGY Corp.
>>> AVONMPRODUCTS.INFO 2008-06-02 17:48
>>> ns2.AVONMPRODUCTS.INFO 60.101.119.4 GIGAINFRA BB TECHNOLOGY Corp.
>>> 
>>> 
>>> 
>>> **********************************
>>> Greg Aaron
>>> Director, Key Account Management and Domain Security
>>> Afilias
>>> vox: +1.215.706.5700 x104
>>> fax: 1.215.706.5701
>>> gaaron@xxxxxxxxxxxx
>>> **********************************
>>> The information contained in this message may be
>>> privileged and confidential and protected from
>>> disclosure. If the reader of this message is not
>>> the intended recipient, or an employee or agent
>>> responsible for delivering this message to the
>>> intended recipient, you are hereby notified that
>>> any dissemination, distribution or copying of
>>> this communication is strictly prohibited. If
>>> you have received this communication in error,
>>> please notify us immediately by replying to the
>>> message and deleting it from your computer.
>>> 
>>> 
>>> No virus found in this incoming message.
>>> Checked by AVG - http://www.avg.com
>>> Version: 8.0.138 / Virus Database: 270.4.11/1553
>>> - Release Date: 7/15/2008 5:48 AM
>>>     
>>>  
>>  
>> 
>> 
>> 
>>   
> 

--

Philip M. Lodico, Managing Partner
FairWinds Partners, LLC
2122 P Street, NW
Suite 300
Washington, DC 20037
Work: +1 202.223.9253
Mobile: +1 917.756.8907
Fax: +1 202.223.9256
phil.lodico@xxxxxxxxxxxxxxxxxxxxx

Please visit the Web site CADNA, The Coalition Against Domain Name Abuse at:
http://www.cadna.org

This message is intended only for the use of the addressee and may contain
information that is privileged, confidential and exempt from disclosure
under applicable law. If the reader of this message is not the intended
recipient, or the employee or agent responsible for delivering the message
to the intended recipient, you are hereby notified that any dissemination,
distribution or copying of this communication is strictly prohibited. If you
have received this e-mail in error, please notify us immediately by return
e-mail and delete this e-mail and all attachments from your system.



<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy