SOI Fast Flux PDP May08
Statements of Interest
Greg Aaron - gTLD Registry constituency
Greg Aaron is Director, Key Account Management and Domain Security at Afilias. Afilias is the registry operator for the .INFO gTLD, and is a
I am a full-time employee of GoDaddy.com, Inc., which is a business unit of The Go Daddy Group, Inc. family of ICANN-accredited registrars. GoDaddy.com is a member of the GNSO Registrars Constituency, and conducts business with all major gTLD and ccTLD registries.
In my position with GoDaddy.com my focus is the development and promotion of registrar-related business, products, and services.
I am not employed by, nor involved with, any other business or organization in any other ICANN Constituency, Supporting Organization, or Advisory Committee.
My name is Beau Brendler and I'm director of Consumer Reports WebWatch (http://www.consumerwebwatch.org), the online investigative arm of Consumer Reports magazine and Consumers Union, one of the world's largest consumer advocacy organizations.
I'm also one of the elected North American regional representatives to the ALAC, and it's in that capacity I have sought to join the working group. I was asked to join in order to help keep the ALAC informed and, in turn, to help the ALAC form any statements it may want to make. So for the moment, at least, I plan to do more observing than commenting, as fast flux and other domain security issues are relatively new territory for several members of the current ALAC.
I'm participating as the representative of the Non-Commercial Users Constituency.
I'm a third year law student at Brooklyn Law School. I'm participating with the NCUC as a legal intern for IP Justice and as part of their international cyberlaw clinic. The NCUC is concerned that over-zealous ICANN action could stifle legitimate and anonymous speech, as well as prevent the development of socially useful technology.
I'm also currently a legal intern for the Computer & Communications Industry Association, and I'm the founder of the Brooklyn Law School chapter of Students for Free Culture--though neither of these are related to my work at the GNSO. I have no commercial interest in this area.
Network Solutions is a member of the Registrar Constituency, a voting stakeholder on the GNSO Council. Network Solutions also is a member of
I have no ownership interest in Network Solutions or its affiliated registrars, nor in any current registry operator. I am not in possession of any registry sensitive or proprietary information. To the best of my knowledge, I have no ownership interest in any entity that currently has business before the GNSO or ICANN.
I am a full time employee of Melbourne IT (www.melbourneit.com.au). Melbourne IT is an ICANN accredited registrar. We offer gTLD and ccTLD domain name registration, Hosting and brand protection services.
I am a member of the Architecture group, with a focus on DNS and networks.
I have no other relationship with other organisations within this or any other ICANN constituency.
I am co-founder and CEO of Karmasphere, (Karmasphere does consulting work for VeriSign) a start-up focused on improving decisions about who to interact with online by providing more insight into the identities involved. We've built a platform and set of network analytics technologies that aggregate numerous data sources, subject them to a range of mining and forensics processes and which enable us to apply the resulting intelligence to a variety of online decision contexts.
One of the components we built is a fast flux detector. It consumes various data inputs and uses configurable heuristics to determine if a domain is fluxing, monitoring it from that point forward. The output of this system is a rich seam of data about fluxing domains, their attributes and connections between them.
We are interested in collaborating with other organizations to cure and prevent the use of fast flux networks for malicious activities. I look forward to figuring out how we can best help the work of this group.
Rodney Joffe is Senior Vice-President and Senior Technologist at NeuStar, Inc (NYSE:NSR), a directory services company and the registry operator for the .biz and .us TLDs. NeuStar also operates a DNS infrastructure currently providing either primary or secondary DNS services for a number of TLDs such as .org, .info, .uk, .ca, .nz and others. It also provides DNS services for a number of commercial and government organizations.
Rodney is a member of the ICANN SSAC and RSTEP.
He is a holder of NeuStar common stock.
As one of the leading providers of global registry services, NeuStar believes that registries must not only aim for the highest standards of technical and operational competence, but also need to act as stewards of their TLDs in promoting the public interest. One of those public interest functions includes working towards the elimination of
I am the president of Leap of Faith Financial Services Inc., which is a member of the Business Constituency of the GNSO (although, we do not speak for the BC in this workgroup). My company owns and develops a number of domain names and websites used by millions of users from all over the world every year. My personal background is in economics and finance.
As per Wendy Seltzer's statement of interest, who said it so well, "I am particularly concerned that measures to combat abuse not have the unintended consequences of inhibiting legitimate use of network resources or burdening neutral provision of service."
I hope that we can use economics a potential tool to develop a signature and/or a signal to differentiate between good actors and bad actors, and thereby continue to permit high availability services that are positive to flourish.
I am Director of DNS Research for VeriSign, Inc. VeriSign is the registry operator for the .com and the .net gTLDs and also provides backend registry services in support of Global Name Registry for the .name gTLD and Employ Media for the .jobs gTLD. VeriSign is also the registry operator for two ccTLDs, .cc for the Cocos and Keelings Islands and .tv for Tuvalu.
As an employee who supports VeriSign's naming services business, I sometimes have access to Registry Sensitive information including information about registrars. With regard to both our gTLD and ccTLD registration services businesses as well as other VeriSign businesses, our customers and business associates have interests in various ICANN policy issues and may be members of other GNSO constituencies and/or supporting organizations.
In addition to registry agreements with ICANN for .com and .net, VeriSign also has obligations to the U.S. Department of Commerce through a cooperative agreement that was initiated in 1993 and has been amended many times since then. Those obligations include operating the A and J root servers as well as support to the IANA function in implementing changes in the root zone file. As such, VeriSign is a member of the DNS Root Server System Advisory Committee and also works closely with IANA staff in the processing of root zone changes.
As an operator of critical Internet infrastructure that must be operated at high availability levels and withstand attacks, VeriSign has an interest in the threats represented by fast flux networks.
I own shares of VeriSign stock and hold options to purchase additional shares, but the amount of shares I currently own plus the potential shares I could possibly own if I exercised all options is a miniscule number relative to the total number of VeriSign shares.
I represent FairWinds Partners, a leading Internet strategy consulting company providing services and solutions to premier global brand owners. My interests are in domain policy as it relates to brand promotion and Internet security. I am a member of the business constituency.
I manage the implementation of UDRP on behalf of the Czech Arbitration Court (CAC). CAC was appointed as a new UDRP provider in January of this year. I was nominated to the FF WG by the IP Constituency. I have been a technology lawyer for almost 20 years so my interest in the FF WG relates not only to IP/UDRP aspects but also technology and security aspects of this issue. Nevertheless, I have no clients with any direct or indirect relationship to FF apart of the CAC.
I am the Vice President, General Counsel and Corporate Secretary of MarkMonitor, Inc., a global enterprise brand protection company, offering Anti-Phishing Solutions, Corporate Domain Registration Services, and Online Trademark Protection Solutions. MarkMonitor specializes in detecting, monitoring and shutting-down phishing attacks against the world's largest brands. MarkMonitor is also an ICANN accredited registrar. At MarkMonitor, I am responsible for ICANN policy and compliance matters, as well as its legal matters.
I am the Manager of Security Research at Arbor Networks. Arbor Networks is a supplier of networking and security products to many of the largest ISPs, critical infrastructure operators, and hosting providers on the Internet.
As the Manager of Security Research at Arbor Networks my responsibilities are to develop new detection tools and products to support our products and our customers. We have been targeting the botnet problem for several years, and developed fast flux botnet detection and enumeration tools earlier this year for integration into our ATLAS product and data feeds.
We conduct ongoing research into the scope and impact of fast flux botnets to identify infected hosts and malicious activities. Some of these findings have been shared with groups such as MAAWG and FIRST, as well as the ICANN SSAC. We share this data with customers and the Internet security community.
Our interests at Arbor are in stopping the botnet problem at the root, and this includes shutting down fast flux networks. We hope to facilitate this resolution by working with the GNSO fast flux working group.
I look forward to working with the group here in addressing this problem.
Mike O'Connor - resigned from the working group 27 September 2008
My company owns a number of generic domain names (eg. bar.com, grill.com, pub.com, place.com, corp.com, shelter.com, cafes.com) and I have a business-owner and domain-registrant's interests in ICANN activities.
I do not conduct any form of fast-flux hosting and have no commercial or business interest in the outcomes of the May08 Fast Flux Hosting Working Group effort.
I am a full-time employee of .ORG, The Public Interest Registry an ICANN-accredited Registry. .ORG is a US based non-profit corporation located in Washington DC. I currently serve as Law & Policy Counsel for .ORG. My daily responsibilities include handling ICANN-related issues, corporate law matters for .ORG and managing registry policy matters.
.ORG is a member of the Registry Constituency. I have been selected by the Registry Constituency to serve as a constituency representative in the Fast Flux working Group. .ORG has a chartered interest in ensuring the safety and stability of the .ORG registry and Internet. The Registry Constituency which I represent is a voting stakeholder on the GNSO council. I have no ownership interest in .ORG and I have no ownership interest in any entity that currently has business before the GNSO or ICANN.
I am an individual and owner of a spam filtering company Junk Email Filter (http://www.junkemailfilter.com).
Junk Email Filter is a spam fighting company. We act as a front end filtering service with some email hosting. Mostly customers set their MX records to point to our servers. The email comes in to us - we filter it
As an individual my background is software engineering. I am also a former employee (sys admin) of the Electronic Frontier Foundation
I am also the founder of the Church of Reality, a religion based on believing in everything that's real. We see the Internet as a significant step in the evolution of humanity and the most important advance in information sharing since the invention of the printing press.
I also have some background in law, all self taught.
I tend to look for solutions that impose the least restrictions and burden on the majority law abiding community who is using the Internet for legal productive purposes. I have some theories that part of the solution might lie in registrars providing more information about domains that spam filtering companies like us can use to help determine good email from spam. In the case of fast flux, if I could read the age of a domain and the number of recent changes to the nameserver record I can combine that with information from spam and determine what email to block. I could also public a DNS blacklist of fast fluxing domains that other spam blocking companies can use to block spam.
Additionally I would like to see DNS based contact information so I can turn an IP address into an abuse email address of who to contact to stop abuse at the source. That way if I've spotted a spambot I can send an automated message to someone who can fix the problem at the source.
I am currently tracking 1,624,019 virus infected computers who tried to send spam through our system in the last 5 days. If I had a way of sending automated abuse complaints to the right people I could shut down over 1.5 million spambots.
I believe that the war against the spam bot armies is something that is winnable and that is can be done without compromising the privacy and liberties of ordinary people. I am hoping that after some hard work and using good reasoning that we can come to a consensus on the right solution, implement it, and win. Quite frankly I would like to put myself out of business because the problem I am solving has gone away.
My interest is to see that policies emerge from the WG that assure (to the extent possible) that the DNS and registration services are not used to abet malicious or criminal activities. If policy recommendations emerge from the group, I am also interested in assuring that they preserve the
President and CTO, Internet Identity
Neither myself or my company have any ICANN/GNSO constituency membership at this time - we're trying not to "pick sides" on these abuse issues that affect all constituencies!
Both my company and the various industry organizations I am a leader and/or active within (APWG, MAAWG, Digital Phish-net, AOTA) are very concerned with the rapid rise in DNS manipulation techniques being used by phishers and e-criminals to perpetuate fraud, crime, and wide abuse across the Internet. Fast Flux, and various other types of DNS "flux" techniques are being used by the largest proliferators of spam, phishing, and other net abuse, and are tied to organized crime elements throughout the world. The nature of these attacks makes mitigation and prevention nearly impossible without the close involvement of the domain registration community, and their use is growing rapidly, with thousands of fraudulently registered domains in- use daily utilizing them. We wish to engage this community to work on policies to address these types of abuse in a manner that will be highly effective, sustainable, and flexible enough to work as the criminals change their tactics. At the same time, we realize that there are drawbacks and costs associated with any new policy and those need to be balanced to come up with solutions that work for all.
I am one of the principal partners of Internet Identity with a very large (but non-majority) portion of its ownership, and am thus materially impacted by the company's financial performance. Our clients are primarily in the financial services and e-commerce sectors and they and their customers are the victims of phishing and other online crime attacks. A large percentage of these clients are directly impacted by fast-flux based phishing attacks and part of the work we are paid to perform on their behalf is mitigating the actual attacks and working towards long-term solutions for these problems. Successfully addressing these issues from a policy perspective is both a potential financial gain and loss, as the benefits of our long-term role would be to some extent offset by lost revenue "opportunities" individual fast flux attacks present to our company's mitigation service. Due to the nature of our work, many of our clients fall into the Business and/or IP constituency area of the GNSO umbrella (and several companies who employ us are members), but we also perform substantial work for domain registrars, domain registries, and ISPs, all of whom have membership within their respective GNSO constituencies.
Joe St. Sauver
As a matter of professional identification, I am security programs manager, Internet2, work which is done through the University of Oregon.
I am also a senior technical advisor for the Messaging Anti-Abuse Working Group (MAAWG). In that capacity, I have a interest in combating spam and other messaging abuse, including fastflux and domain name-related abuse.
For additional background on the perspective I bring to this issue, some talks I've previously given are available at http://www.uoregon.edu/~joe/
I participate in this working group as an individual interested in the effective functioning of the Internet as an end-to-end neutral platform on which a variety of speech and services can be deployed. I am particularly concerned that measures to combat abuse not have the unintended consequences of inhibiting legitimate use of network resources or burdening neutral provision of service.
I am the Chief Security Officer, Vice President of Network & System Engineering of MarkMonitor, Inc., a global enterprise Brand protection company, offering an integrates suite of products to include Anti-Phishing Solutions, Corporate Domain Registration Services, and Online Trademark Protection Solutions. I am responsible for the Engineering and Operations of the Anti-fraud product line where at the core the Security Operation Center detect, monitor and shutdown all types of phishing attacks against the world’s largest brands. Furthermore, the SOC hazels on a daily basis large volumes of Phish attacks such as Rock Phish and Malware centric attacks which utilizes Flux Networks.
I am a professor of Information Systems at Baylor University. I conduct research in counter eCrime with a specialization in identifying, demographically mapping and reporting malicious Internet domains and activities. My interests are motivated by the recognition of the dependence of commerce and global communications on the Internet
I am not currently a member of any ICANN Constituency. I do, however, actively cooperate with individuals and corporations who share my concerns for the safety and security of the Internet infrastructure and of Internet-
I perceive a need for ICANN and registry/registrar policies directed towards increasing Internet security by specifically addressing the abuse of 'fast-fluxed' domains in a manner that will not damage legitimate use of
I am a full-time employee of Register.com, Inc., which is an ICANN-accredited registrar. Register.com is a member of the Registrars Constituency, and conducts business with all major gTLD and ccTLD registries.
My position with Register.com is deputy general counsel for Register.com. In addition to general legal matters, my responsibilities include ICANN policy and compliance matters and oversight of our abuse team. I also represent Register.com on the Registrar Constituency.
I am Chief Technical Officer for CORE, an ICANN accredited registrar (IANA-15) , and I operate USA Webhost, also an ICANN accredited registrar (IANA-439), and a CORE member company (CORE-124). CORE also provides registry backend technical services to several registries.
Neither CORE, nor USA Webhost, registrars, nor CORE as a registry backend service provider, have any financial interest in "flux" or "fast flux".
I am not an officer, director, consultant, or employee of any other member of the Registrar Constituency or Registry Constituency or any other ICANN Constituency.