Slashdot Mirror

FYI, Steve Gibson has posted his latest explanation of the WinXP Raw Sockets Vulnerability here from whence the concern of "WinXP boxes and ... their [spoofed] IP addresses" evidently first originated.

Steve & Co. also provide two "quick 'n dirty" FREE programs to download to:

test your access to "raw sockets" (all Win OS)

secure NON-SYSTEM "raw sockets" access (Win2K & WinXP) to see that Win2K & WinXP continue to function just fine

The funny part is that Steve Gibson now uses Microsoft's own MSDN Technical Documentation against Microsoft. Steve provides quotes from the Microsoft MSDN websites and links to the original Microsoft Technical Documentation

As of 8/13/01 @ 0801 PST, all the links to the Microsoft Technical Documentation PROVING (?) Steve Gibson's points were fully functional.

BTW, for a "nail biting" (grin - soon to be a motion picture - grin) tale of one man's experience with a Distributed Denial of Service attack read both here and SlashDot commentary to learn where Steve's fear of WinXP Raw Sockets originates (i.e. WinXP zombies doing DDOS with the easy to spoof WinXP box IP addresses due to desktop Joe/Jane-consumer user always being "root")

Funny thing now is that Steve Gibson can now quote chapter and verse back to Microsoft and ask Microsoft "Why are you [microsoft] now contradicting yourself."

BTW, there is now an "astroturf" (?) website devoted to debunking Steve Gibson here although all the DNS details seem bogus ("How convenient for the astroturf PR agency!!!" says the Church lady)

If I've got the trademark "Slashdot" in Malaysia that is prior to the inital purchase of the domain Slashdot.org... do I have some right to Slashdot.org?

I can't believe anyone is seriously trying to bring some sort of order to this mess. That is the absolute definition of futility!

Here is an example: WHOIS lookup for LoanCityAtemyballs.com ... LoanCity.com was smart.. they squated every concievable name out there. Now maybe you disagree with them for some reason and you want LoanCitySucks.com ... that's understanble, you have your right to say whatever you want on the internet, unfortunatly that's already taken by LoanCity.com. Now how do you make a fair decision in this case? I want my freedom to say LoanCitySuck.com ... but LoanCity owns the trade mark... You don't! You just leave it as first come first serve.

-Peter

I knew I should have learned to like Microsoft.

From my experience, NSI is very knowledgable about fraud.

There's also the teensy little matter of the original payment agreement "two years up front then annually" suddenly changing a few months back to "two years in advance". Expecting bills for US$35, and getting them for US$70 instead. Notwork $olutions still allows a "back door" which (sometimes, when it doesn't break) allows payment for a single year ahead... but how long will it be before they close that?

Sneaky bar stewards deserve to lose all their business, in my opinion. The sooner people vote with their feet and minimise the power of this arrogant and incompetent organisation, the better!

On a side note, and since I'm damned curious, does anyone know what happens to a domain registered through NSI once it expires? How many days does it sit idle, and if they do sell them, where?

Well, from my experience, they go into what you call "limbo" for 30-90 days, during which Network Solutions sends out about 1 email and snail mail per month reminding the registered owner that this is his/her "!!!FINAL NOTICE!!!" and that his/her domain is about to expire. During that time, the registered owner can't transfer the domain to another party without paying NetSol $35 to drag it back out of limbo and into registered status. IMHO, this is utter bullshit, as NetSol sends out so many emails and snail mails before the actual registration period is up that if the owner hasn't renewed it, it's time to let everyone else have a fair shot.

Here's the best part: next, after the domain is actually expired, NetSol gets a week to foist it onto those people who pay for its newly expired domains newsletter. If there are no takers THERE, then it finally moves on to the rest of us. *sigh*

NetSol has a (mostly uninformative) FAQ about it here.

I got a letter from Network Solutions a few months ago sternly warning me that "Your domain name is about to expire!" In the letter they included a link to renew the name with them. It took me several minutes of web-browsing and head-scratching to realize that the name wasn't registered with NSI in the first place - it was registered with Register.com! They weren't literally slamming, because if you read things carefully, they said they were going to transfer the name to NSI and renew it for two years. But still, it was a rather deceptive tactic - it looked very much like their normal, legitimate renewal notices. I wish I'd saved the letter, so I could post it to back me up. It seems too bizarre that they'd be accusing others of slamming now.

One other unrelated NSI gripe that doesn't seem to have been mentioned above is the cost of transferring ownership of a domain with Network Solutions. When you transfer ownership from one party to another within the same registrar, it's up to the registrar what to charge. Network Solutions charges their normal (though irritating) $35 annual fee, and adds a year to the expiration date. However, the transfer takes up to two months to complete!!!! If you want "expedited service," where they'll change ownership within about two business days, there's an additional $199 service charge!! See this for details. Other registrars I've used let you change ownership in a couple minutes with password and e-mail confirmations, and while the security there is arguably too lax, a 2 month wait for a domain already protected with Crypt-PW or PGP protection is absurd.

And since ICANN falls under the UN, which was created by Treaty with the US and other nations, ICANN's wishes override the Constitution by our own Constitutional definition.

Bzzzt!

Sorry, but you are incorrect. The ICANN has nothing to do with the United Nations. From the About ICANN page:

The Internet Corporation for Assigned Names and Numbers (ICANN) is the non-profit corporation that was formed to assume responsibility for the IP address space allocation, protocol parameter assignment, domain name system management, and root server system management functions previously performed under U.S. Government contract by IANA and other entities.

ICANN derives its authority purely from a contract with the United States government. Essentially, ICANN was created to replace IANA (John Postel r.i.p.) and ARIN.

The scary thing about ICANN is that they so quickly became beholden to Network Solutions and the other vested big-money interests, instead of paying attention to what's good for the Internet as a whole.

Recent revelations about secret deals to allow Network Solutions to hang onto the .COM databases essentially indefinitely should have woken up the US Congress to the degree to which ICANN has already been corrupted, but so far, there is no sign that anyone in Congress has noticed, nor do they appear to care.

From Verizon Attacks Critical Domain Names:

We [2600 et al] decided it would be a good idea to register verizonsucks.com because, if our experience with past phone companies is any indication, Verizon will in all probability be thought of in this way in the near future. But we didn't move fast enough. Apparently, Verizon realized this was going to happen and they went and had their lawyers register verizonsucks.com themselves! (The logic of owning a site that says your business sucks really escapes us.)

We did the next best thing and registered verizonREALLYsucks.com. We kept the domain in reserve for when we might need it. That day has come.

Also see: Verizon backs down from lawsuit threat

pherris

From Verizon Attacks Critical Domain Names:

We [2600 et al] decided it would be a good idea to register verizonsucks.com because, if our experience with past phone companies is any indication, Verizon will in all probability be thought of in this way in the near future. But we didn't move fast enough. Apparently, Verizon realized this was going to happen and they went and had their lawyers register verizonsucks.com themselves! (The logic of owning a site that says your business sucks really escapes us.)

We did the next best thing and registered verizonREALLYsucks.com. We kept the domain in reserve for when we might need it. That day has come.

Also see: Verizon backs down from lawsuit threat

pherris

I can resolve www.hotmail.com (it redirects me to somewhere at passport.com) but I find that I cannot ping either of hotmail's nameservers. I think hotmail is in my ISP's DNS cache.

I can ping all four of apple.com's nameservers, and I can also resolve www.apple.com. Can you ping any of apple's nameservers? See their Whois entry.

I cannot ping either of gnu.org's nameservers, and I cannot resolve any host in the gnu.org or fsf.org domains. See my post below about this.

Mike

You missed Daniella. Note that many of the records have master@earthdig-t-2000.com and the typically Hollywood phone number of 555-1234... good indication of something fishy.

Overall it's some good design work, much better than a lot of the other webverts. Speaking of which, has anyone managed to crack dunotech's employee access page yet? or do y'all suppose they'll make us wait till the movie is out? Trying to wget the page the form posts to results in a 302.

ie. is it goatsex that is leading the way?
Or is it plain Jane erotica?
Or do people simply not care as long as it's free?

That's the kind of metrics I care about. Maybe we could loosen the religious right's hold on America if we could show that, indeed, most people in this country are depraved lunatics. After all we are a D E M O C R A C Y right?

Steven

Ok, so I suppose that now all of you are going to try to convince each other that you trusted Verisign in the first place, da? Like, you know, the same Verisign that owns NSI. Right. I'll go for that.

an NSI whois reveals that the .la TLD is a ccTLD, just like most two-letter TLD's. If you're curious, just go to http://www.networksolutions.com/cgi-bin/whois/whoi s?STRING=la. enjoy.
--

Cinonic is the name of the company selling the devices.

psychosis.com is the email address domain of the submitter.

www.cinonic.com and www.psychosis.com have the same IP address.

Whois data for both domains shows the same individual involved with both.

cinonic and you'll have to type psychosis.com

Suspicious or coincidence?

• the administrative and technical contacts listed by network solutions
• the contacts listed by ARIN
• investor relations at the company (if publicly traded). visit their web page for IR contact.
• try to find email addresses for higher ups (VP responsible for infrastructure, CIO/CTO, etc.)
• postmaster@, security@, hostmaster@

I just got done transferring a domain from an ISP who was trying to hold the domain hostage. If you are the registrant, you can change anything you want by fax (with Network Solutions, at least). It is a pain in the ass, but it works. Look at Network Solutions Forms for more info.

And the funny thing is, at least in my mind, that cringingfacelesstoady.com is available as of 0836gmt, 14 Jan 2001.

Who's gonna jump on that bad boy?

isupportthemonolith.org seems to be registered in Seattle... :)

You should know that BoycottNPR.org is free for the taking. Who wants to run this??

Quantumdot.org: News for nodes. Size matters.

If you hit their website at http://www.networksolutions .co m/c gi- bin/whois/whois you can get contact info for domains that are registered with NSI.

You can also get the contact info by doing:

whois fuck.com@whois.networksolutions.com

at a commandline.

forge

The censorship seems to be restricted to US English usage... just tried NSI and it quite cheerfully offered to register (with advance apologies to our French speaking readers) encouler.com, and while poofter.com is taken, it suggested pooftercentral.com which is available.

Also, what about that famous site parodying Fast Company magazine and cataloguing the demise of silly .com startups? They must have registered somewhere.

The idea sounds good, but I do not see a $60-per-year option as a valid option...
It still is cheaper to click BlockAddres in your Yahoo! account or make a rule in your Outlook

The Domain Name System has not seen the introduction of new generic top-level domains since the mid-1990s when dot-net, dot-com and dot-org were added.

Since then, a number of country code top-level domains (ccTLDs) have been added -- .ps for the Palestinian Authority was the latest of these -- but the number of general-purpose TLDs of the dot-com variety has remained static.

The Domain Name System has not seen the introduction of new generic top-level domains since the mid-1990s when dot-net, dot-com and dot-org were added.

Since then, a number of country code top-level domains (ccTLDs) have been added -- .ps for the Palestinian Authority was the latest of these -- but the number of general-purpose TLDs of the dot-com variety has remained static.

The Domain Name System has not seen the introduction of new generic top-level domains since the mid-1990s when dot-net, dot-com and dot-org were added.

Since then, a number of country code top-level domains (ccTLDs) have been added -- .ps for the Palestinian Authority was the latest of these -- but the number of general-purpose TLDs of the dot-com variety has remained static.

The Domain Name System has not seen the introduction of new generic top-level domains since the mid-1990s when dot-net, dot-com and dot-org were added.

Since then, a number of country code top-level domains (ccTLDs) have been added -- .ps for the Palestinian Authority was the latest of these -- but the number of general-purpose TLDs of the dot-com variety has remained static.

The Domain Name System has not seen the introduction of new generic top-level domains since the mid-1990s when dot-net, dot-com and dot-org were added.

Since then, a number of country code top-level domains (ccTLDs) have been added -- .ps for the Palestinian Authority was the latest of these -- but the number of general-purpose TLDs of the dot-com variety has remained static.

Anyone can register a .EDU domain on NETSOL's page. If registering a .EDU domain, there is a box to fill in one's reason for doing so, but there's no means to check whether this is a valid education system, and as long as you're a paying customer, no one seems to mind. I know this might sound a little off the wall, but I really can't imagine that using a .EDU domain for another purpose is something many people are interested in doing, nor would anyone else really care.

14. What are the guidelines for registering an .EDU Web Address?

Registrations in the .EDU domain are reserved for colleges and universities that grant degrees at the bachelor, master and doctoral level, or its foreign equivalent. Each college or university may register only one .EDU Web Address. Graduate programs, remote campuses, etc., cannot obtain a .EDU Web Address of their own. Instead, they should obtain a third-level domain beneath the second-level domain of their institution. Inquiries should be directed to the registrant of the second-level domain.

Inquiries should be directed to the registrant of the second-level domain. If the college or university registering the Web Address meets this criteria, it must provide a brief explanation of the kinds of degrees awarded under "Purpose/Description" on the registration form.

Many foundations, institutions, consortia, centers, etc., that have educational missions but don't meet the criteria for a Web Address registration in the .EDU TLD register their Web Addresses under the .ORG TLD. K-12 schools and community colleges are typically registered under country domains such as .US.

-- /help/faq-newreg-enduser-bap.html

Although that's '97. I W00p.. first post!

I must be a moron. I can't get NetSol to change my contact information, delete a domain, or change the technical contact info on a domain.

I've had to do updates at "NetSOL" several times, and these people are scary. I swear they purposely make their site and procedures nearly impossible to decipher. For what it's worth, I stopped having excessive trouble with their automated email-verification scripts (this was a while ago) after realizing (after much hair-tearing) that it is extremely important to be sure that the lines are not wrapped by your email client, in the "template" forms that you email back to them. Also, there must be a space between the colon at the end of each record-descriptor, and the content following on that line (if any). Or, is it must not be a space? Geez, emulate whatever is on the other lines, you know?

It's been a while and this may be obsolete, or slightly mangled in exact detail. I've never had to resort to the infamous fax procedure, and can offer no useful advice on that except to keep on hand a bottle of Aleve, or "other" measures to relieve pain and suffering.

I've since snuck out the back way to a more friendly (OpenSRS reseller) registrar with password protection and decent security, not to mention immeasurably more useable automated scripts for Web-access account management.

I must be a moron. I can't get NetSol to change my contact information, delete a domain, or change the technical contact info on a domain.

I've had to do updates at "NetSOL" several times, and these people are scary. I swear they purposely make their site and procedures nearly impossible to decipher. For what it's worth, I stopped having excessive trouble with their automated email-verification scripts (this was a while ago) after realizing (after much hair-tearing) that it is extremely important to be sure that the lines are not wrapped by your email client, in the "template" forms that you email back to them. Also, there must be a space between the colon at the end of each record-descriptor, and the content following on that line (if any). Or, is it must not be a space? Geez, emulate whatever is on the other lines, you know?

It's been a while and this may be obsolete, or slightly mangled in exact detail. I've never had to resort to the infamous fax procedure, and can offer no useful advice on that except to keep on hand a bottle of Aleve, or "other" measures to relieve pain and suffering.

I've since snuck out the back way to a more friendly (OpenSRS reseller) registrar with password protection and decent security, not to mention immeasurably more useable automated scripts for Web-access account management.

Organizations playing god don't deserve to be on the internet.

I agree with that. But it's not MAPS who is playing God. There is certain other organization that frequently attempts to do so.
___

A story on more of NSI's incompetence...

NSI *has* released one I know of. I client of mine lost www.esni.com due to non-payment. The only problem was not receiving a bill. Not the 2 emails nor the paper bill that NSI says it sent.

I know of one other name/site I host that had the same problem but since he has only one (and not a ton going to the same site). Nobody would have wanted this name anyway since it has 18 characters vs. 4.

I called Mike (the once and maybe future owner of esni.com) to tell him that he wasn't recruiting anymore but that he was selling viagra for $6 bucks a pill from Korea to other Americans without a perscription. And the name has not one thing to do with the drug seller's name or business.

Truth be told, IBI registered this, not NSI (one of the new registrars). But that means NSI released it. And within a few weeks of the supposed billing. Hopefully, Mike will pursue it since it is the acronym of his company and the new corporate imagery is based on it. NSI offered to and then transfered me to what amounts to their legal office when I called about the name and no bills since obviously there was a problem. Hopefully, he'll get it back.

4 character are hard to come by.

I think it would be helpful to have a central website devoted to reverse engineering tools, as well as archives of legal documents, tracking reverse engineering news developments, discussion forums for trading tips and so on.

Anyone want to set one up? I don't really have the time right now but I could contribute expertise and code.

What would be a good domain name?

Or are there any sites like this already? Certainly there must be sites that contain bits of what I propose - but what about a full-fledged reverse engineering archive and portal.

Better not physically locate it in the US!

I think it would be helpful to have a central website devoted to reverse engineering tools, as well as archives of legal documents, tracking reverse engineering news developments, discussion forums for trading tips and so on.

Anyone want to set one up? I don't really have the time right now but I could contribute expertise and code.

What would be a good domain name?

Or are there any sites like this already? Certainly there must be sites that contain bits of what I propose - but what about a full-fledged reverse engineering archive and portal.

Better not physically locate it in the US!

I think it would be helpful to have a central website devoted to reverse engineering tools, as well as archives of legal documents, tracking reverse engineering news developments, discussion forums for trading tips and so on.

Anyone want to set one up? I don't really have the time right now but I could contribute expertise and code.

What would be a good domain name?

Or are there any sites like this already? Certainly there must be sites that contain bits of what I propose - but what about a full-fledged reverse engineering archive and portal.

Better not physically locate it in the US!

.ORG: The top-level domain originally designated for miscellaneous entities such as non-profit organizations that do not fit under any of the other top-level domains. Any person or organization may now register a domain name in .org, a worldwide top-level domain.

Remember that Verizon preemptively registered many, many other domain names for themselves, including the original verizonsucks.com, plus verizonblows.com and countless others. And there's nothing on those sites, and there almost certainly never will be.

I would suggest to those who are saying "At last, a big corporation does something good!" that they are at best doing the right thing for the wong reason but more likely paying off their noisiest opponent to effectively silence dissidence.

They have managed to avoid a court case, to avoid bad PR, and to avoid the net squatting issue completely without too much media attention. And they still own most of the best names for protest sites. Not exactly cause for celebration.

Remember that Verizon preemptively registered many, many other domain names for themselves, including the original verizonsucks.com, plus verizonblows.com and countless others. And there's nothing on those sites, and there almost certainly never will be.

I would suggest to those who are saying "At last, a big corporation does something good!" that they are at best doing the right thing for the wong reason but more likely paying off their noisiest opponent to effectively silence dissidence.

They have managed to avoid a court case, to avoid bad PR, and to avoid the net squatting issue completely without too much media attention. And they still own most of the best names for protest sites. Not exactly cause for celebration.

Easy. He bypassed Network Solutions (and most other registrars) and went straight to the (open) source. From the Network Solutions WHOIS ("Nature, it seems, is not without a sense of irony..."):

Domain Name: FUCKEDCOMPANY.COM
Registrar: TUCOWS.COM, INC.
Whois Server: whois.opensrs.net
Referral URL: www.opensrs.org
Name Server: DS1.VIRTUALSCAPE.COM
Name Server: DS2.VIRTUALSCAPE.COM
Updated Date: 26-jun-2000

I guess most unis etc go for ccTLDs, because well, they don't move very much, or start international franchise (yet).

hmm sunsite.doc.ic.edu doesn't seem to work:)

It's even in the FAQ

And after reading their homepage, there can not be any doubt left. The domain is also registered just 3 weeks ago

It is funny though...

However, they're gone now, due to the following in my view:

- lack of consumer demand when credit cards work just fine for most transactions
- lack of merchant interest in a brand-new transaction system
- probably a large amount of chargebacks, as it was popular with the adult sites for a while

The real issue is that customers really don't want anonymity for many transactions. They like having the credit card statement with all their charges on it. Whether or not this is ultimately wise, that's the typical consumer behavior.

sulli

As shown in a previous message, "icy.hot" is one of the domain names that have expired back in February, yet is still unavailable for re-registration. Here are the revelant parts of the WHOIS information:

Domain Name: ICY.COM
Record last updated on 08-Mar-1999.
Record expires on 15-Feb-2000.
Record created on 14-Feb-1996.
Database last updated on 7-Jul-2000 16:34:07 EDT.

Go to Network Solution's Home Page and try to register "icy.com". You can't. Netsol says "Sorry, icy.com is not available.". Fair enough. So, I've decided that on behalf of the owner of icy.com, I'm going to pay his bill. So I go to the NSI Online Payment System. I enter "icy.com" as the domain I want to make a payment on. Here's the response I get:

Related information could not be retrieved for the domain. This could be because:
1.The top level domain is not a com, net, or org.
2.An invoice number could not be created for this domain.
3. The invoice number given does not match with that in the database.

Well, it isn't #1, and it isn't #2. It certainly isn't #3 because I did a lookup by the domain name, not the invoice number. And if I enter a domain name that completely doesn't exist, I get a different error:

Related information could not be retrieved for the domain. This could be because:
1.The domain information has not yet been processed or updated into the database.
2.You entered an incorrect domain name.

So, the domain name can't be registered. Okay. The domain name can't be renewed either. (Netsol *might* try to claim that they can do it with an invoice number -- but COME ON. Why would it be blocked in their automated payment system? I'm sure they'll have a good lie for this one.)

Network Solutions is making up the rules as they go along, and they need to have their feet held to the fire and be accountable for their actions. Someone ought to sue them over this.

As shown in a previous message, "icy.hot" is one of the domain names that have expired back in February, yet is still unavailable for re-registration. Here are the revelant parts of the WHOIS information:

Domain Name: ICY.COM
Record last updated on 08-Mar-1999.
Record expires on 15-Feb-2000.
Record created on 14-Feb-1996.
Database last updated on 7-Jul-2000 16:34:07 EDT.

Go to Network Solution's Home Page and try to register "icy.com". You can't. Netsol says "Sorry, icy.com is not available.". Fair enough. So, I've decided that on behalf of the owner of icy.com, I'm going to pay his bill. So I go to the NSI Online Payment System. I enter "icy.com" as the domain I want to make a payment on. Here's the response I get:

Related information could not be retrieved for the domain. This could be because:
1.The top level domain is not a com, net, or org.
2.An invoice number could not be created for this domain.
3. The invoice number given does not match with that in the database.

Well, it isn't #1, and it isn't #2. It certainly isn't #3 because I did a lookup by the domain name, not the invoice number. And if I enter a domain name that completely doesn't exist, I get a different error:

Related information could not be retrieved for the domain. This could be because:
1.The domain information has not yet been processed or updated into the database.
2.You entered an incorrect domain name.

So, the domain name can't be registered. Okay. The domain name can't be renewed either. (Netsol *might* try to claim that they can do it with an invoice number -- but COME ON. Why would it be blocked in their automated payment system? I'm sure they'll have a good lie for this one.)

Network Solutions is making up the rules as they go along, and they need to have their feet held to the fire and be accountable for their actions. Someone ought to sue them over this.

--