[ga] Domain Name Registration Process Compromised

[Danny Younger <dannyyounger@xxxxxxxxx>]

[excerpt]

Whois Hijacking My Domain Research?  
By Larry Seltzer 
July 19, 2006 
 
One of the most popular subjects readers contact me on
is domain theft and abuse, and more messages came in
after my recent story on "domain tasting." 

If you thought that practice was distasteful, you
haven't seen what I found next. It involves a
domain-tasting firm. But that's not what's most
interesting.

It all started with a message from a reader. She was
planning to put a Web site up and needed to register a
domain name. 

She chose to use her first and last names for the
domain (just as I own larryseltzer.com) and checked it
on at least one service for availability. 

She went back in a day or two to register it and, lo
and behold, it had just been registered to an outfit
named Chesterton Holdings.

The great Panix.com domain theft brought domain
security issues to the forefront. Click here to read
more.

It's obvious that Chesterton Holdings is a domain
squatter. The domain was not just registered, there
was a Web page up on it. 

The page was covered with the sorts of ads you usually
see on squatted pages, and the ads were all syndicated
through information.com. 

Several days later, Chesterton released the domain,
probably having had few or no hits on it. Chesterton's
own Web page contains the following statement: 

"We acquire domain names through an automated process
rather than by any process that would intentionally
infringe on any person's rights. If you have any
questions about a domain, please submit your query to
us below. It is our policy to transfer a domain name
to any entity that, in our reasonable opinion, has a
legitimate claim. We will promptly transfer a domain
name to you if you can show us that you have a
legitimate claim."


So the question remains: How did Chesterton Holdings
get hold of the reader's domain name and register it
before she did? Is it part of this mysterious
"automated process"? 

The main site she had used to check for domain
availability was the CNet Domain Search page. 

This is a "meta-search" page, meaning that when you
enter a domain name in it, the page checks several
other services for domain availability, consolidates
the reports and delivers them back to the user. 

The actual search is performed by search.com, also a
CNet property. The reader had gotten results for
web.com, dotFM, e-nic, and APlus.net.

 
 
Click to Enlarge 
I decided to run some tests, so I picked three names
out of the air and checked them with the CNet Domain
Search page including myfuzzycat.com and
lickmynose.com. 

I let the matter go and about 30 hours later I checked
with a separate whois service and determined that the
domains belonged to Chesterton Holdings. 

The same ad-based Web pages were up on them. Bingo.
Click on the thumbnail image nearby to see the page. 

http://www.eweek.com/article2/0,1895,1991365,00.asp 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com