[registrars] Whois
Dear Ross -
I wanted to get back to you as quickly as possible regarding your question as to why register.com is blocking access to its WHOIS database from certain IP addresses, the specific range of which you had identified. Since receiving these ranges from you at 6:00 p.m. yesterday, our network engineers have looked into the matter and reported that we are currently blocking access to our WHOIS database from certain IP addresses within that range (we have left out the actual IP addresses from this email to protect your security, but will send them to you in a separate email). As you are undoubtedly aware, like all internet domain name registrars, register.com depends upon a computer system that, among other things, is both responsive to the demands of the domain name registration process, and provides timely information to register.com's customer service team. In order to protect against significant degradation of system processing and response time, register.com's systems are programmed to deny access to identified sources of high volume traffic. The addresses in question have been blocked due to high volume traffic into register.com's system which appears to have been an automated dictionary based search of domain names. A short example of the types of queries we received is set forth at the bottom of this email (again with the specific IP addresses redacted). While we recognize that this behavior was most likely commenced by a Tucows customer or reseller, and not by Tucows itself, until we receive adequate assurances that Tucows has controls in place to prevent such pernicious behavior in the future, in order to protect our computer systems, we have no choice but to keep the addresses blocked. I suggest that members of your technical staff investigate the source of this behavior on your end and communicate your findings back to us. In order to facilitate matters, I am happy to put
them in touch directly with their counterparts at register.com. Assuming our technical staff is able to get comfortable that proper controls are in place to prevent similar future conduct with respect to queries to our WHOIS database via these Tucows related IP addresses, register.com is prepared to restore access to register.com's computer system to these Tucows' network hosts. Please note, however, that notwithstanding any future restoration of access, register.com reserves the right to block access if these network hosts are again identified as a source of high volume traffic that might threaten register.com's system processing or response time. We appreciate that, notwithstanding your initial communication on the subject, you have worked with us productively during our investigation of this matter. Still, with regard to your earlier assertions that register.com's policy of blocking sources of high volume traffic is "arbitrary" and "capricious" and somehow constitutes a contravention of ICANN policy, I feel compelled, for the record, to direct your attention to the Amicus Curiae submission ICANN made in connection with our litigation against Verio. See http://www.icann.org/registrars/register.com-verio/amicus-22sep00.htm (acknowledging that high volume traffic directed at a registrar's systems is "a threat to the stable operation of the registration system"). As you may be aware, that litigation concerned, among other things, the propriety of Verio's submission of a large number of WHOIS queries to our WHOIS database and we prevailed on each of our claims. That said, I am confident that by cooperating to uncover the source of the bad conduct in question, our two companies can work this matter out and ensure that the proper protections for each of our computer systems is not compromised. I look forward to hearing from you. Kind regards, Elana Broitman Director, Policy and Public Affairs register.com 575 Eighth Avenue New York, NY 10018 (212) 798-9100 (212) 594-9876 ebroitman@register.com ____________________________________________________ Fri Jun 1 13:39:15 2001 ip=[------------] domain=[crazyswedes.net] found Fri Jun 1 13:39:55 2001 ip=[------------] domain=[crazythings.net] found Fri Jun 1 13:40:15 2001 ip=[------------] domain=[crazytom.net] found Fri Jun 1 13:40:58 2001 ip=[------------] domain=[crazytrane.net] found Fri Jun 1 13:42:31 2001 ip=[------------] domain=[crazywearcompany.net] found Fri Jun 1 13:44:03 2001 ip=[------------] domain=[crazz.net] found Fri Jun 1 13:45:13 2001 ip=[------------] domain=[crbel.net] found Fri Jun 1 13:45:17 2001 ip=[------------] domain=[crbell.net] found Fri Jun 1 13:45:58 2001 ip=[------------] domain=[crbu.net] found Fri Jun 1 13:47:28 2001 ip=[------------] domain=[crcdepot.net] found
|