NSI Registers Every Domain Checked 668
An anonymous reader writes "In a developing story, registrar Network Solutions has been caught front-running domain names. Any domain names searched via NSI's whois are being immediately purchased by the registrar, thereby preventing a registrant from purchasing the domain at any other registrar. There are multiple reports of this practice over at DomainState.com." Update: 01/09 01:58 GMT by KD : shashib writes to let us know that NSI has issued a response to the accusations of front running.
Any way to... (Score:5, Interesting)
Re: (Score:3)
uselessdomain00002.com
uselessdomain00003.com
uselessdomain00004.com...
Re:Any way to... (Score:5, Funny)
uselessdomain00001.com
uselessdomain00002.com
uselessdomain00003.com
uselessdomain00004.com...
too subtle
FuckYouNSI00001.com
FuckYouNSI00002.com
FuckYouNSI00003.com
FuckYouNSI00004.com...
Re:Any way to... (Score:4, Interesting)
LOL (Score:5, Funny)
Re:Any way to... (Score:5, Informative)
Re:The greater irony is.. (Score:5, Funny)
Not a chance (Score:4, Informative)
Sorry pal, this is Slashdot. Source or GTFO.
Re: (Score:3, Funny)
Well... (Score:3, Interesting)
...would you mind posting it?
Re:Any way to... (Score:5, Funny)
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com/ [networksolutions.com]
Name Server: NS1.RESERVEDDOMAINNAME.COM
Name Server: NS2.RESERVEDDOMAINNAME.COM
Status: ok
Updated Date: 08-jan-2008
Creation Date: 08-jan-2008
Expiration Date: 08-jan-2009
Nice, how nice
Re:Any way to... (Score:4, Informative)
Re:Any way to... (Score:5, Funny)
NSI doing Creative Commons Abuse, too! (Score:4, Interesting)
I Just followed the link to uselessdomain0001.com [uselessdomain0001.com]. Check out the blue globe logo at the top.. now check out this CC licensed SVG image on Wikipedia: Applications-internet.svg [wikipedia.org]. Looks like someone "accidentally" forgot to include the Creative Commons Share Alike license on that page.. hmmmm.
I think it's pretty obvious that NSI is just a scummy company, through and through.
P.S. If uselessdomain0001.com has changed by the time you read this, just check out uselessdomain0002.com or any other similarly tasted domain.
Re:At 4:24 PM (EDT-US) (Score:5, Informative)
What NSI are doing is registering the domain for the 5 day period after anyone does a search for the name, making anyone who wants the domain only buy it through them for the 5 days. If after 5 days noone wants it, then NSI can simply release the domain name and not pay a penny.
Re:At 4:24 PM (EDT-US) (Score:5, Insightful)
Re:At 4:24 PM (EDT-US) (Score:4, Insightful)
Re:Any way to... (Score:5, Funny)
I was just about to post that ;) Best idea ever.... quoting this [domainstate.com] from DomainState.com: someone could totally script this and run there credit through the roof with the registry hahahahaha.
Assuming it costs them SOMETHING (even pennies) to register a domain with the central registry then I think this is an absolutely awesome idea. I'll run such a script if someone writes it. In fact maybe I'll write one myself, because screwing over NSI sounds like a much better way to spend my afternoon then doing anything productive ;)
Re:Any way to... (Score:5, Funny)
You must work for the government.
Re:Any way to... (Score:5, Funny)
Re:Any way to... (Score:5, Funny)
Re:Any way to... (Score:5, Funny)
A Jabberwocky generator (Score:3, Informative)
Re:Any way to... (Score:5, Funny)
Assuming it costs them SOMETHING (even pennies) to register a domain with the central registry then I think this is an absolutely awesome idea. I'll run such a script if someone writes it. In fact maybe I'll write one myself, because screwing over NSI sounds like a much better way to spend my afternoon then doing anything productive ;)
If you can't write that in under three lines in the scripting language of your choice, you officially lose your nerd card. ;)
Re:Any way to... (Score:5, Funny)
Re:Any way to... (Score:4, Insightful)
In perl, you could do it in one line with a haiku poem.
Sure, but nobody could read it.
Re: (Score:3, Funny)
Sure, but nobody could read it.
Re: (Score:3, Interesting)
True, but it'd be more fun to do it as a limerick. Or as ascii art of the NSI logo.
Re:Any way to... (Score:5, Informative)
Re:Any way to... (Score:5, Informative)
Re:Any way to... (Score:4, Interesting)
Then when they get wise to that, and start queuing requests, checking the first N and the last N, you need a back-end loop, as well.
Re:Any way to... (Score:5, Informative)
Re: (Score:3, Informative)
for i in `cat somefile.txt`
do
wget http://www.nsi.com/whois/results.jsp?domain=$1 [nsi.com]
done
Re:Any way to... (Score:4, Funny)
for i in `seq -w 1 100`
do
lynx -dump http://www.nsi.com/whois/results.jsp?domain=dienetworksolutions${i}.com >
done
Re:Any way to... (Score:5, Informative)
The simply reserve them using a registrar's 5 day grace period & if nobody buys the domain from Network Solution for 5 days, they simply release the reserve. I.e., it's available again to the general public.
It's something a registrar can do, that you & I can't. Basically, a loophole that a few trusted companies in the system are exploiting for profit.
This came up a big back when a registrar would "try" domains, to see if the type-in traffic made more than the cost of registering. (E.g., by using Google's DomainPark [google.com] for Domain Squatters.)
The President of GoDaddy wrote about it a little over a year ago:
http://www.bobparsons.com/DomainKiting.html [bobparsons.com].
One registrar in particular, DirectNIC, "registered" 8.4 million domains but only permanently registered -- i.e. paid for -- 51,400.
Overall, I'm with you in spirit of screwing bastards like this over, but it seems the only way to do so is close the loophole in the system.
-Bill
Re: (Score:3, Interesting)
Yeah, you guys are thinking about this the wrong way. Instead of just costing them money, figure out how you can profit from it:
Champ Mitchell is the CEO of Network Solutions, and according to this domain name which they registered, fair and square, apparently he owes me some money. I'll try to be magnanimous and settle for just one percent.
Re:Any way to... (Score:4, Informative)
It may not cost them any money for the domain, but the whole process costs some pennies. There are bandwidth costs, obviously. Not just to the user doing the lookup but between the registrar and their data centers, and the central registry. Harddisk costs for data, logs, analysis, etc.
A larger cost would be in their database. NS only has ~6.6 million domains under registry. Adding a few hundred thousand domains (even for a few days) could cause some serious indexing and performance issues.
With all these scripted domains coming in it will mess up any advertising models they have setup. Also, if they haven't been very, very careful, you could trick them into buying the domain by doing a recheck every couple of days. Waiting until the very last second to check the name again may be more than their system is setup to handle.
Like I've said please don't script them. Knowledge should never be used to maintain the balance of power. Those in authority always have your best interests at heart. When those who love you appear to abuse you it is for your own good. Don't fight the man. Etc, etc, etc.
Re: (Score:3, Interesting)
This will cause a random distributed load and make it very hard to track if the requests are valid or not. Especially if a JavaScript timer is used to allow for a delay between each request, which will cause the request to look like it's an ordinary user doing it.
Re: (Score:3, Informative)
Re:Any way to... (Score:5, Informative)
I doubt they're making any financial commitment "purchasing" these domains. They're simply putting in a database record, and then removing it within the 5-day grace period (thus removing any liability to any other registrars).
Network Solutions' Response (Score:5, Informative)
IMHO, bullshit.
Re: (Score:3, Insightful)
It's also poor practice for NSI to keep me from searching on NSI then deciding to register with GoDaddy, Register.com, Dotster, or SRS
Comment removed (Score:5, Insightful)
Re: (Score:3, Insightful)
ARRRGH! NO! If you put it off "until it's up for renewal", you will be told with a sneer that "We don't allow transfers within six (days|weeks|months) of expiration. If you don't resub with us for another year, you can't transfer it -- AND our Domain Squatter Facilitation Dept. guarantees you will lose the domain."
You do not lose a penny by transferring it right now, as the new registrar will give you full credit for the time remain
Lessor of two evils? (Score:3, Interesting)
Well... hang on and think about it for a second. In a perfect world if you look up a domain it remains available. But this is not a perfect world, we have ICANN instead.
My first reaction when reading TFA was "no way. they can't be".
But I see their point. With over a hundred registrars, many of them just squatters who want to get domains for the wholesale price of $6, it does appear ot be true that if you look up a domain at NSI you are still able to purchase it.
Compare this to some other
Re:Any way to... (Score:5, Insightful)
Yeah, but then you'd be arrested as a "terrorist."
-matthew
Re: (Score:3, Interesting)
individually no-one would be capable of doing it.
unless you are orchestrating/controlling a Botnet to do a DoS attack.
their efforts at NSI would they?
after all, they are already considered terrorists and have nothing to gain
a plain DoS would cost them money in lost business.
Re:Any way to... (Score:4, Funny)
Somewhere in an AT&T monitoring center a little light with a handwritten "Terrorist" tag next to it lit up...
Re:Any way to... (Score:5, Insightful)
Web form that doesn't log your domain lookup. (Score:4, Informative)
http://support.suso.org/dns/saferdomainlookup.php [suso.org]
I wrote it a few months ago after these types of issues started coming up. I provide some transparency so that you can have confidence in trusting it. Of course, you can always use command line whois or DNS tools.
Re:Any way to... (Score:5, Funny)
Re:Any way to... (Score:5, Funny)
Re: (Score:3, Funny)
Re:Any way to... (Score:5, Insightful)
I did verify that you have to initiate a purchase before they auto-register. If you simply do a search, they don't do anything (that I can see), but if you click on "Add Domains to Order", it shows up on a general whois a few seconds later, allocated for a year.
My question is... how long do they keep it? If they were to drop it after say, a few hours... even a few days... I'd consider it a dangerously abuseable practice but little worse. If they keep it any longer than that, it's a few steps shy of a domain hijack.
Seriously, I think it's just meant to be a service, but I don't see how it offers any kind of service if they allow others to waltz in and register these names themselves (which it sounds like they do, judging from posts on DomainState).
Re:Any way to... (Score:5, Insightful)
I think the rationale behind this isn't entirely malicious. Consider the fact that domains are valuable property. If you were in the process of buying a domain, and had to take the time to fill our user information, credit card information and all of the textboxes that they make you fill out (particularly if you are a first time user), there is a good chance that someone from another registrar could snatch the domain out from under you simply because they were a faster typer, or had previously registered. In this way, if you do a WHOIS search with NSI, the name is locked for a short time to allow you to complete your transaction, and to disallow anyone else who may be following in your tracks to buy you your name before you can.
It makes sense, and I'm frankly surprised that no one hasn't noticed this before. I for one am glad that someone peeking over my shoulder can buy a domain from their iPhone before I can finish clicking "buy".
Make it cost them ... (Score:2)
The naughtier the better. Flood them with searches for obscene/stupid domains and let them pick up the tab on it.
Cheers
Re:Make it cost them ... (Score:5, Informative)
Re: (Score:3, Interesting)
foo.com
bar.com
foobar.com
foo: frequency 2
bar: frequency 2
oob: frequency 1
oba: frequency 1
fo: frequency 2
oo: frequency 2
ba: frequency 2
ar: frequency 2
ob: frequency 1
Now, just pick random length, say 5, and generate random strings with the weights to the ra
Please don't disturb me. (Score:4, Funny)
Re:Please don't disturb me. (Score:5, Funny)
What?
Re:Please don't disturb me. (Score:5, Funny)
I always assumed they did this (Score:3, Informative)
Re:I always assumed they did this (Score:4, Interesting)
ICANN didn't have the balls to kill the contract a few years ago, maybe they will finally do the right thing and rid the Internet of this vile vile monster.
Time for it to go (Score:5, Insightful)
Dupedy do dah, dupidee-ay (Score:2, Flamebait)
It wasn't in the firehose this morning, now where could I have seen it...
Re: (Score:3, Informative)
Now you can relly test it; I searched for about 20 domainnames and they are now all registered by NS.
Re:Dupedy do dah, dupidee-ay (Score:5, Insightful)
News does evolve over time... that's why it's news.
Well, they're now the proud owners of (Score:5, Funny)
our-ceo-jacks-off-to-goatse.com
batman-touched-my-junk-liberally.com
DNS and Certificate services (Score:4, Interesting)
It is appalling that so much of our security infrastructure relies on this pack of thieves.
What should be we do to correct this problem?
Perhaps a consortium of the major Internet providers could start up a new DNS system.
I'm not talking about Comcast/verizon/aol, I'm talking about Level3, Cogent, Teleglobe etc..
thoughts?
Don't use WHOIS (Score:5, Interesting)
Whether it's NSI or some other registrar doing it, this has been a known issue for a long time. The solution is not to use WHOIS. Instead follow DNS from the root and see if it goes anywhere. E.g.:
dig the-domain-you-want.com. +traceRe:Don't use WHOIS (Score:4, Insightful)
Nah, that's a workaround.
The solution is to revoke their corporate charter.
Re: (Score:3, Insightful)
On the main topic: as if it isn't bad enough having to beat the general domain squatters to a domain before they "squat" all over it, now you've got to beat the registrar to it as well?
ICANN to the rescue! (Score:5, Funny)
I slay me.
F*** You Network Solutions (Score:3, Informative)
Record expires on 08-Jan-2009.
Record created on 08-Jan-2008.
Database last updated on 8-Jan-2008 14:38:53 EST.
Yup, I did that 4 mins ago.
I wonder how much it is costing them per domain
Big companies who commit big crimes go free..... (Score:3, Insightful)
weren't we just complaining a few weeks ago.. (Score:3, Insightful)
In some ways this is a lot better, so if I have an idea for a domain, go register it at NSI, get sidetracked, go back the next day, the domain would still be available and not stolen by somebody sniffing the whois traffic etc.
As long as network solutions is upfront with this practice I think it could definitely be spun as a positive vs a negative (check a domain here and you can be sure that you'll be able to register it for up to 5 days after, instead of risking it being stolen or held for ransom).
Re:weren't we just complaining a few weeks ago.. (Score:5, Insightful)
In some ways this is a lot better, so if I have an idea for a domain, go register it at NSI, get sidetracked, go back the next day, the domain would still be available and not stolen by somebody sniffing the whois traffic etc.
As long as network solutions is upfront with this practise I think it could definitely be spun as a positive vs a negative (check a domain here and you can be sure that you'll be able to register it for up to 5 days after, instead of risking it being stolen or held for ransom).
Here's a test, try searching for a domain from one IP, then try going through the purchase process from another IP. How much do you wanna bet that NSI is more than happy to sell the domain to the different IP? Heck if two different people both have accounts have them search a domain name with one then step through the purchase with another, even with two conclusively different entities I'm sure they'll be happy to take the sale. Note there's no reason a spammer couldn't sniff the domain you searched for, then purchase it from NSI. If NSI doesn't restrict the purchase to the person who made the search they've done absolutely nothing to stop sniffers from stealing domains.
Re:weren't we just complaining a few weeks ago.. (Score:4, Insightful)
Oh, this is fun! (Score:3, Funny)
the-real-microsoft.com
the-real-ibm.com
the-real-dell.com
the-real-walmart.com
the-real-esso.com
the-real-general-motors.com
the-real-ford.com
the-real-chrysler.com
NSI vs RIAA (Score:3, Funny)
Only dot com space (Score:3, Informative)
e.g. netsol screenshot of me searching for a few sites:
http://www.flickr.com/photos/griffjon/2178156179/ [flickr.com]
GoDaddy saying the dot com version is taken:
http://www.flickr.com/photos/griffjon/2178156285/in/photostream/ [flickr.com]
Even more disgusting, the whois record has a freaking advert in it from netsol:
Registrant:
This Domain is available at NetworkSolutions.com
13681 Sunrise Valley Drive, Suite 300
HERNDON, VA 20171
US
Domain Name: NETSOLATEMYDOMAINSEARCH.COM
This Domain is Available - Register it Now!
600,000 domain names are registered daily! Don't delay; there's no guarantee
that a domain name you see today will still be here tomorrow!
Register it Now at www.NetworkSolutions.com.
Administrative Contact, Technical Contact:
Network Solutions, LLC [email protected]
13681 Sunrise Valley Drive, Suite 300
HERNDON, VA 20171
US
1-888-642-9675 fax: 571-434-4620
Record expires on 08-Jan-2009.
Record created on 08-Jan-2008.
Database last updated on 8-Jan-2008 15:33:32 EST.
Yes, another confirmation. (Score:5, Insightful)
Just looked up Network-solutions-antitrust-violation-demo.com [network-so...n-demo.com]. and Network Solutions registered it.
Time for ICANN to issue a policy under the registrar agreement [icann.org] to enforce section 3.7.9: "Registrar shall abide by any ICANN adopted specifications or policies prohibiting or restricting warehousing of or speculation in domain names by registrars."
Re: (Score:3, Informative)
Did that, worked OK. Network Solutions will blacklist WHOIS queries that seem to come from a program or are too numerous. If you need bulk WHOIS data, you either have to become a registrar, make a deal with one, or buy services from "domaintools.com".
PR response from NSI (Score:5, Informative)
Domain Name Wire [domainnamewire.com] has posted a response from NSI's PR department. Here's the relevent quote from NSI:
Translation: So if anyone else does it, it's bad, because they're domain front-running. But when we do it's it's ok, because, uh, we say so. No, really!
Worse than that... (Score:3, Interesting)
So they are DEFINITELY monetizing it, by charging more now that it has some traffic.
Re: (Score:3, Interesting)
Awesome. So the Slashdotting the system got today should cause all manner of pain for sleazebags who watch for whois deletions and snap up the domains. That rocks. Now we can annoy dozens of horrible, evil companies with the ethics of a turnip just by making a single query! Couldn't happen to a nicer bunch of dirtbags.
The only question that remains, then, is how can the slashdot community convince the link farmers to purchase as many of these worthless domains as possible so that when nobody ever visi
Call for more info (Score:5, Interesting)
I sure hope I don't take up too much of their time, because 1-800 minutes aren't cheap for them, neither is tying up their support personnel. However, if you're curious about these practices, you might want to speak with them yourself - it's your right after all.
ICANN SSAC looking for input on front running (Score:5, Informative)
Just found this in the ICANN Front-running paper [icann.org]. Note the contact email at the end...
Method used to check domain name availability (e.g., web browser, application).
Local access ISP.
Provider or operator of the availability checking service.
Dates and times when domain name availability checks were performed.
Copy of the information returned (e.g., WHOIS query response) in the response to the availability check.
Whether the domain name was reported as previously registered or never before registered in the response returned from the availability check.
Copy of the information returned (e.g., WHOIS query response) indicating the name had been registered.
Copies of any correspondence sent to or received from the registrant perceived to be a front runner.
Correspondence with the registrar or availability checking service.
Any information indicating a potential relationship between the availability checking service and the registrant that grabbed the name.
Please submit incidents to the SSAC Fellow at [email protected] [mailto].
Clarification from Network Solutions (Score:5, Funny)
Re:Clarification from Network Solutions (Score:5, Insightful)
On the contrary, Network Solutions is effectively monetizing the domains by forcing buyers to purchase them at Network Solutions' inflated prices.
Furthermore, this concept of protection would only make sense if you thought consumers were searching for a domain both on Network Solutions' lookup system and on that of an another unethical competitor. But why would consumers do that? One lookup is sufficient, and by definition, you know that one lookup occurred on your site, so it's already unlikely that a competitor will have the opportunity. The notion that you're protecting anyone doesn't wash.
These domains are hosted on a wildcard DNS (Score:5, Insightful)
The following domains are installed on my anti-spam relays' caching nameservers as empty stub zones. It prevents my anti-spam relays from resolving any domains hosted on nameservers that live in these zones. It accounts for a very large percentage of blocked spam on my systems, and I recommend mail admins start blocking domains hosted on wildcard DNS servers. It's quick, easy, painless, and your content filter will thank you for easing its workload (if it could talk and had emotions, that is).
cheap-dns-host.com
domainservice.com
fastpark.net
namesdiscount24.net
name-services.com
names-service.com
parked.com
parkingsave.net
reserveddomainname.com
versans1.com
versans2.com
versans3.com
versans4.com
versans.com
Re:Use the /. effect to make them screw themselves (Score:5, Interesting)
Who needs a script when you have the power of Slashdot?
Re:Can't be ALL of them. (Score:5, Informative)
Re:Can't be ALL of them. (Score:5, Informative)
Mysteriously, the domain is suddenly unavailable.
Re:Can't be ALL of them. (Score:5, Informative)
1. Went to godaddy.com and searched for {obscurewords}.com. It's available.
2. Went to networksolutions.com and searched for the same. It's available.
3. Went back to godaddy.com and searched for the same, again. NOT available!
NS is rotten to the core.
Re: (Score:3, Interesting)
www.hitler-had-only-one-ball.com,
Tried on godaddy, showed up as open.
Same on NS, showed up as blank.
Went back to Godaddy, clicked it again, "DOMAIN TAKEN"
Whois shows it up as;
Domain Name: HITLER-HAD-ONLY-ONE-BALL.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com/ [networksolutions.com]
Re: (Score:3, Funny)
justchecking.com ?????
Re: (Score:3, Insightful)
Which, might in turn make the vile practice of "domain tasting" (which benefits NOBODY but scammers) to be banned.
Re:It doesn't cost them (Score:5, Funny)
"Don't taste me, bro" --Domain
Re: (Score:3, Informative)
It's more like: you walk into a store and see a jacket you like. You tell the clerk you are interested in that jacket and the clerk puts it behind the counter for you. You leave to check the price at a competitor's store, but by the time you get there the clerk has already called all the competing businesses and instructed them not to sell you that jacket, to which they