ICANN/DNSO
DNSO Mailling lists archives

[registrars]


<<< Chronological Index >>>    <<< Thread Index >>>

[registrars] Whois


Dear Ross -

I wanted to get back to you as quickly as possible regarding your question as to why register.com
is blocking access to its WHOIS database from certain IP addresses, the
specific range of which you had identified.  Since receiving these ranges
from you at 6:00 p.m. yesterday, our network engineers have looked
into the matter and reported that we are currently blocking access to our
WHOIS database from certain IP addresses within that range (we have left out
the actual IP addresses from this email to protect your security, but will
send them to you in a separate email).

As you are undoubtedly aware, like all internet domain name registrars,
register.com depends upon a computer system that, among other things, is
both responsive to the demands of the domain name registration process, and
provides timely information to register.com's customer service team.  In
order to protect against significant degradation of system processing and
response time, register.com's systems are programmed to deny access to
identified sources of high volume traffic.

The addresses in question have been blocked due to high volume traffic into
register.com's system which appears to have been an automated dictionary
based search of domain names.  A short example of the types of queries we
received is set forth at the bottom of this email (again with the specific
IP addresses redacted).  While we recognize that this behavior was most
likely commenced by a Tucows customer or reseller, and not by Tucows itself,
until we receive adequate assurances that Tucows has controls in place to prevent such pernicious behavior in the
future, in order to protect our computer systems, we have no choice but to
keep the addresses blocked.  I suggest that members of your technical staff
investigate the source of this behavior on your end and communicate your findings back to us. 
In order to facilitate matters, I am happy to put them in touch directly with their counterparts at register.com.

Assuming our technical staff is able to get comfortable that proper controls
are in place to prevent similar future conduct with respect to queries to
our WHOIS database via these Tucows related IP addresses, register.com is
prepared to restore access to register.com's computer system to these
Tucows' network hosts.  Please note, however, that notwithstanding any
future restoration of access, register.com reserves the right to block
access if these network hosts are again identified as a source of high
volume traffic that might threaten register.com's system processing or
response time.

We appreciate that, notwithstanding your initial communication on the
subject, you have worked with us productively during our investigation of
this matter.  Still, with regard to your earlier assertions that
register.com's policy of blocking sources of high volume traffic is
"arbitrary" and "capricious" and somehow constitutes a contravention of
ICANN policy, I feel compelled, for the record, to direct your attention to
the Amicus Curiae submission ICANN made in connection with our litigation
against Verio.  See http://www.icann.org/registrars/register.com-verio/amicus-22sep00.htm
(acknowledging that high volume traffic directed at a registrar's systems is
"a threat to the stable operation of the registration system").  As you may
be aware, that litigation concerned, among other things, the propriety of
Verio's submission of a large number of WHOIS queries to our WHOIS database
and we prevailed on each of our claims. 

That said, I am confident that by cooperating to uncover the source of the
bad conduct in question, our two companies can work this matter out and
ensure that the proper protections for each of our computer systems is not
compromised.  I look forward to hearing from you.

Kind regards,

Elana Broitman
Director, Policy and Public Affairs
register.com
575 Eighth Avenue
New York, NY 10018
(212) 798-9100
(212) 594-9876
ebroitman@register.com


____________________________________________________

Fri Jun 1 13:39:15 2001 ip=[------------] domain=[crazyswedes.net] found
Fri Jun 1 13:39:55 2001 ip=[------------] domain=[crazythings.net] found
Fri Jun 1 13:40:15 2001 ip=[------------] domain=[crazytom.net] found
Fri Jun 1 13:40:58 2001 ip=[------------] domain=[crazytrane.net] found
Fri Jun 1 13:42:31 2001 ip=[------------] domain=[crazywearcompany.net]
found
Fri Jun 1 13:44:03 2001 ip=[------------] domain=[crazz.net] found
Fri Jun 1 13:45:13 2001 ip=[------------] domain=[crbel.net] found
Fri Jun 1 13:45:17 2001 ip=[------------] domain=[crbell.net] found
Fri Jun 1 13:45:58 2001 ip=[------------] domain=[crbu.net] found
Fri Jun 1 13:47:28 2001 ip=[------------] domain=[crcdepot.net] found
 


<<< Chronological Index >>>    <<< Thread Index >>>