[Infowarrior] - ICANN accepting public comments on Fast-flux Hosting report

Richard Forno rforno at infowarrior.org
Sat Feb 14 00:17:41 UTC 2009



Begin forwarded message:

> From: "Jon O."
>
> I wanted to draw your attention to the "Fast Flux Hosting Initial
> Report" on the ICANN site:
> http://icann.org/en/public-comment/#ff-initial
>
>
> At the link above, ICANN is accepting public comments on this subject
> and I would encourage those of you who have strong views or good ideas
> to submit a comment. At the very least, comments from interested
> parties/orgs will show that we are concerned and would like some  
> kind of
> action or enhancement to be taken by ICANN to mitigate risk cause by
> fast-flux hosting.
>
> The comment period will be closed 15-FEB-09 (2 days).
>
> What kind of action could be taken? The relevant section in the ICANN
> report is on [Page 9]:
>
> http://gnso.icann.org/issues/fast-flux-hosting/fast-flux-initial-report-
> 26jan09.pdf
> What technical (e.g. changes to the way in which DNS updates operate)
> and policy (e.g. changes to registry/registrar agreements or rules
> governing permissible registrant behavior) measures could be  
> implemented
> by registries and registrars to mitigate the negative effects of fast
> flux?
>
> The WG wishes to emphasize that fast flux needs better definition and
> more research. The ideas are presented here as a draft, to record
> incremental progress. The solutions fall into two categories based on
> the type of involvement expected of ICANN and its contracted or
> accredited parties (gTLD registries and registrars): those that would
> require only the availability of additional or more accurate
> information, which could be used (or not used) by other parties  
> engaged
> in anti-fraud and related activities as they saw fit (information
> gathering); and those that would require or at least benefit from some
> degree of active participation by ICANN and/or registries and  
> registrars
> to identify and deter fraudulent or other "malicious" behavior (active
> engagement).
>
> - Information Gathering - information sharing proposals discussed
> included the following ideas:
>
> o Make additional non-private information about registered domains
> available through DNS based queries;
>
> o Publish summaries of unique complaint volumes by registrar, by TLD  
> and
> by name server;
>
> o Encourage ISPs to instrument their own networks;
>
> o Cooperative, community initiatives designed to facilitate data  
> sharing
> and the identification of problematic domain names.
>
> - Active Engagement - ideas for active engagement that were discussed
> included:
>
> o Adopt accelerated domain suspension processing in collaboration with
> certified investigators / responders;
>
> o Establish guidelines for the use of specific techniques such as very
> low TTL values;
>
> o Identify name servers as static or dynamic in domain registrations  
> by
> the registrant;
>
> o Charge a nominal fee for changes to static name server IP addresses;
>
> o Allow the Internet community to mitigate fast-flux hosting in a way
> similar to how it addresses other abuses;
>
> o Stronger registrant verification procedures
>



More information about the Infowarrior mailing list