[SATLUG] DynDNS and secret domains

Luis Garza luis at luisgarza.com
Fri Apr 20 07:48:33 CDT 2007 

Thomas King wrote:
> Hmmm...dunno what to make of this one. I can imagine spammers and the like
> just
> salivating over this:
>
> Dynamic Network Services today announced the launch of "Secret
> Registration", a breakthrough in WHOIS privacy protection. This new
> service provides end users and corporations alike with the ability to
> shield their real contact information from robots and malicious parties
> all the while staying reachable and complying with the strictest ICANN
> regulations on domain name attribution.
>
...
> "WHOIS privacy has been a long-term problem for the community of the
> Internet. We are happy to finally provide a solution that is effective at
> protecting the privacy of our patrons, without the overhead and
> uncertainty of traditional offerings." said Jeremy Hitchcock, DynDNS CEO.
> "Relying on a human review process is a remarkable advantage for our
> users that are used to fully entrusting us with making the right
> decisions for their domains. This has all been made possible by the
> scalable infrastructure we have spent ten years building" added an
> enthusiastic Tom Daly, the company's president and CTO.
>
...

Spammers are in constant need of email addresses and other information. 
The whois provides alot of personal information the you may want to keep
private.  To have and maintain a registration for a domain, you need to
provide the owners name, address, phone number and email address.  Many
years ago, the idea was that if there was a problem with your server, ie
telnet, ftp, http, I could get your whois info and just call you up to let
you know what the problem was.  Back then, the internet was run on trust. 
If you was a bad net citizen the you were banned from the internet.  This
gave everyone the incentive to make nice.  But with that threat removed,
malicious individuals and corporations use this trusted information for
their harassing spam.

Now many registrars offer a news for hiding your information from the
general public.  You can still contact the owner of the domain but you
have to use the registrar as a go between.

My only personal objection to this technique, is that it hides the
technical contact information.  Many times I get ssh attacks from servers
that may have been compromised and I want to contact them and let them
know, right away.  Because they hide all of the whois information, this
makes it even harder to let them know about a spammer using their server.


Luis Garza
www.luisgarza.com
luis at luisgarza.com
lrgarza2000 at yahoo.com

More information about the SATLUG mailing list