[At-Large] Fast Flux & Domain tasting

Fri Aug 10 20:42:01 EDT 2007

This is the first I've heard of Fast Flux, but just read the articles Allen
attached.  Very interesting.

It seems like what we're talking about over and over are servers located in
overseas locations that are constantly providing scams (phishing, farming,
etc.).  They'll do this because they know they can get away with it.  In one
of the articles I noticed a constant reference to a co.hk extension, and
another article mentioned China.  We all know of scams originating from
Africa and Europe and Russia.  I wouldn't suggest that it doesn't happen in
the US, but I think ISPs in the US are much more eager to shut them down.
But, what if the scammers are the ISP?  I truly believe that 90% of all our
problems are due to the mafia-style collusion between the crooks and ISPs in
countries like China, the Balkans, and Central Africa.  I also think that it
would be easy as cake to identify the culprits, should we actually take it
seriously.

At some point, I think there needs to be an ICANN-level task force that can
go in an repatriate IP#s that are causing serious problems, working through
the ccTLD managers and numbering authorities.  Some type of enforcement is
inevitable and logical.

In reality, there's not much we can do except make it more difficult for
people to operate that are up to no good.  Giving unlimited access to WHOIS
data and letting the traditional legal process play out is obviously not the
antidote.  Similarly, having faith that Yahoo's spam filter will save the
day is preposterous.

I've been against the tasting issue from the beginning just because it
doesn't make sense, but I'm not sure that it's the cause of the problem.
I'm fairly sure it's a contributor to the problem but not the cause.
Remember though, as we issue more TLDs and make it easier for these guys to
operate by having the Add-Grace Period, the problem will continually get
worse until the Internet is irreversibly destabilized.

Randy Glass
A at L

On 8/10/07, Robert Guerra <lists at privaterra.info> wrote:
>
> There's an interesting discussion taking place on the SSAC list in
> regards to the fast flux issue.
>
> Here's a recent comment from the SSAC list -
>
>
> Domain tasting is an optimisation of the domain name
> monetisation business model, where a registrant earns money from PPC ads
> placed on a parked webpage.   For monetisation you don't actually want
> to change the DNS information often.
>
> Fast Flux is more associated with using a domain name for an email
> address or URL that has been used in SPAM email.
> Due to the millions of emails that are floating around there is value in
> ensuring that the domain name used is not shut-down prematurely.   Thus
> those involved will try to make the WHOIS and other more visible
> information as legitimate looking as possible (stopping the registrar
> shutting down the domain), but bounce the hosting of the email or
> website amongst various locations to avoid a hosting company or ISP
> shutting down the service at the source - or blocking the offending IP
> address at the entry point to a service providers network.
>
> Any comments?
>
>
> regards,
>
> Robert
> ---
> Robert Guerra <rguerra at privaterra.ca>
> Managing Director, Privaterra
> Tel +1 416 893 0377
>
>
>
>
> _______________________________________________
> ALAC mailing list
> ALAC at atlarge-lists.icann.org
>
> http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
>
> At-Large Official Site: http://www.alac.icann.org
> ALAC Independent: http://www.icannalac.org
>

-- 
-------------------------
AmericaAtLarge.org
RJPacific.com
DDMF.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://atlarge-lists.icann.org/pipermail/at-large_atlarge-lists.icann.org/attachments/20070810/a7f8c819/attachment.html 