RE: [gnso-ff-pdp-may08] The Registries question
- To: gaaron@xxxxxxxxxxxx
- Subject: RE: [gnso-ff-pdp-may08] The Registries question
- From: Joe St Sauver <joe@xxxxxxxxxxxxxxxxxx>
- Date: Thu, 17 Jul 2008 11:52:54 -0700
Greg mentioned...
#* It is very difficult to tell if a given WHOIS record is accurate or not.
#Cyber-criminals often appropriate the details of real, innocent people;
#others use proxy services; certain spammers set up companies that are very
#respectable-looking on the surface; it is difficult to obtain databases
#needed to confirm addresses world-wide; etc.
While all those things are certainly true, address verification has come a
long ways from where it once was, and many examples are trivial. For example,
consider nbnnen[dot]com (a knock-off "replica watch" site listed on the SURBL
and the URIBL block lists)
Note, this is NOT a fastflux domain, merely an example provided here
as an example of the problem of inaccurate whois... I've substituted [dot]
for the dot in the domains to avoid triggering spam filtering for some of
you...
nbnnen[dot]com --> 89.44.142.100 -->
server-142-100.draculahosting[dot]com --> NXDOMAIN
89.44.142.100 --> AS42617 (SC PromoArt SRL, Aurel Vlaicu nr. 55B camera 3,
Suceava Suceava 720092 Romania)
89.44.142/24 is on the SBL at www.spamhaus.org/sbl/sbl.lasso?query=SBL65873
[whois.bizcn[dot]com]
[snip]
Domain name: nbnnen[dot]com
Registrant Contact:
qu wei
wei qu 99911001@qq[dot]com
+86.2986716548 fax: +86.2986716548
Shangxi xian          <-- note that what would normally be a street address
xian Shangxi 710004       or po box is just the province/city from the
cn                        next line, in reversed order
Administrative Contact:
wei qu 99911001@qq[dot]com
+86.2986716548 fax: +86.2986716548
Shangxi xian
xian Shangxi 710004
cn
Technical Contact:
wei qu 99911001@qq[dot]com
+86.2986716548 fax: +86.2986716548
Shangxi xian
xian Shangxi 710004
cn
Billing Contact:
qu wei 99911001@qq[dot]com
+86.2986716548 fax: +86.2986716548
Shangxi xian
xian Shangxi 710004
cn
DNS:
ns1.ssprior.mobi <-- name servers are on 89.44.142.100 too...
ns2.ssprior.mobi <-- 89.44.142.100
Created: 2008-07-14
Expires: 2009-07-14
I have over five hundred related domains, all of which I believe are
equally flawed, but I'll spare sending those to the list.
Committee members interested in a copy of the list of related domains
can receive one by sending me a copy of your PGP public key (I'll encrypt
the list I send you to ensure that it doesn't get blocked by various
security systems you may be using)
Regards,
Joe
Disclaimer: all opinions my own
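
Added example, not part of the original message: one way to automate the "trivial" check pointed out in the record above, flagging a contact whose street line is only the city/province line with the words reordered. The function names, the assumption that each contact block ends with street, locality and country lines, and the placeholder name, e-mail and phone values are all constructed for this illustration.

```python
import re

# Constructed sample: the Registrant address lines are those quoted in the
# message; names, e-mails, phones and the Technical street are placeholders.
SAMPLE = """\
Registrant Contact:
example name
example name registrant@example.invalid
+00.0000000000 fax: +00.0000000000
Shangxi xian
xian Shangxi 710004
cn
Technical Contact:
example name tech@example.invalid
+00.0000000000 fax: +00.0000000000
12 Example Road
xian Shangxi 710004
cn
"""

HEADER = re.compile(r"^(\w[\w ]*) Contact:$")

def parse_contacts(text):
    """Split the flattened record layout into {contact type: [lines]}."""
    contacts, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        m = HEADER.match(line)
        if m:
            current = contacts.setdefault(m.group(1), [])
        elif line and current is not None:
            current.append(line)
    return contacts

def words(line):
    """Sorted lower-cased alphabetic tokens; digits and punctuation dropped."""
    return sorted(re.findall(r"[a-z]+", line.lower()))

def street_is_locality(lines):
    """True when the street line only repeats the city/province line.
    Assumes the last three lines are street, locality, country."""
    if len(lines) < 3:
        return False
    street, locality = lines[-3], lines[-2]
    return bool(words(street)) and words(street) == words(locality)

def flag_contacts(text):
    return sorted(t for t, ls in parse_contacts(text).items() if street_is_locality(ls))

print(flag_contacts(SAMPLE))
```

A hit only shows that the record lacks a usable street address; it does not establish who registered the domain.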