Slashdot Mirror
NSI closes top level Domain Servers
Cris writes "Looks
like NSI is closing access to all it's top level domain
servers, except for people that "need access." This is
allegedly a way to eliminate spamming, but they've denied
access to many companies which depend on these servers for
their businesses. "
The trick would be to have the new servers host "alt" top-level domain .. that way people could use the official and the unofficial systems without conflicts...
:)
Hmm, quite an amusing idea actually
That's ok though, their days are numbered.
Or so we're lead to believe...
Can anyone tell me what, exactly, they're restricting access to? I read the ZD article twice and I still can't make heads or tails of it. I'm hoping that the fault lies in the writing, not in the reading...
Yeah, no problem. You just need a set of root servers and a bunch of clients pointed at them. Root servers are easy... there's no practical difference between a hostname, a domain name, and a TLD, so BIND and a fat pipe'll do you. The problem is getting enough clients to use your servers in preference to/in addition to NSI's. You'd need to convince a significant portion of the Internet in order to do any good...
Ah. Got it now. So it's just full zone transfers they're restricting, not any access to the root zone information (which, unless my reading comprehension is failing me, is what the article says). I didn't _think_ it was the latter... the whole system would break if they did that...
(And, yes, I have set up a few DNS servers... I own and operate two domains and their associated name servers.)
I was bothered by the restrictions placed on the information but was alarmed that they consider the information their 'Intellectual Property'.
Sounds mighty corporate to me.
Codifex Maximus ~ In search of... a shorter sig.
It was just recently that I learned that you could download these files. "This is great," I thought, "for once somebody has done something useful. Now I can cache domains over the local net!" So, I eagerly ftped to the directory, and noting the small file size, I read the README. It explained basically the same thing that this article did. Curses, foiled again!
F0 07 C7 C8
The only contact info found in the zone file is the e-mail address in the SOA of the zone itself, and while name server maintainers probably get their share of junk e-mail, there is no point in downloading the entire .COM zone (with some 3.5 million subdomains) in order to find out that <hostmaster@INTERNIC.NET> is the maintainer of that zone.
Thus, I can't say I'm buying into the anti-UCE argument in this case. What exactly have they done to that end?
As long as they merely prevent bulk access to the entire thing, but I can still access individual records as needed, I don't mind too much.
The Software Publishers Association spammed a number of e-mail addresses found in the WHOIS once (I could tell, because my WHOIS address is not used for anything else) merely to "inform" me that my FTP server could be used for distribution of pirated software! They haven't apologized yet, and I haven't reported a single case of piracy to them since.
Shorten the grace period for new domain names. Or even make them pay up front. That would really kill domain name speculation. There's no need to disable a valid service of DNS to get rid of speculators.
As an example, Netscape could modify its browser to use their own server for DNS lookups by default (the user could change it later if desired). Netscape's own DNS server could support Cool New TLDs and pass anything it doesn't trap out to conventional DNS servers. This could result in massive segments of internet users migrating to a new DNS provider and new domain naming scheme. This might be sufficient to make NSI want to be competitive and to change their evil ways. :)
Oh yeah, MS could do this with IE too, so maybe this isn't such a good idea.
Ya know, if you max out your credit card(s), you can live pretty high on the hog for a while... until the bills come.
This is exactly what socialist democracies like Canada and New Zealand (and others) do, with the exception, that the government maxes out each of the residents' "credit cards", and if your a lucky citizen, you might get something back for the charge, less "administrative government expenses", of course.
I was born, and lived in, Canada from 1961 to 1997, and I saw the rise of socialized this and that, to see it all crumble pretty badly by the time I left. I paid the approximate equivalent of US$23k income tax on an income of US$43k, supporting a non-employed spouse and child, as well as myself. Add to that 8% provincial and 7% federal "value added" taxes on about everything you buy. Take away all the supposed social benefits that got "clawed back" because I was a "high income" earner.
Socialist democracies are unsustainable in the long term, regardless of how seductive the idea appears in the short term.
Pointing to the failings and corruption within the U.S. government (of which there are many), blaming them on a capitalist economic system, and suggesting that some kind of socialist democracy is the answer is either very short-sighted thinking, or an attempt to stage a communist-style coup d'etat.
In Liberty, Rene
I can see why they are tightening up access to the information.
I have a couple of domains registered. One of the domains has a company name that ONLY appears in the DNS records. I have been recieving snail mail from companies that have been "mining" the DNS record for thier own slimey purposes. It really pisses me off how many corporate bottom-feeders consider the net their own way of "Making Money Fast".
And people wonder why I hate sales people so much.
"Trademarks are the heraldry of the new feudalism."
I work for an ISP and over the past year we've purchased two smaller local providers. They were both running NT and I had to convert everything over to run on our Linux servers.
Among the issues I ran into was determining which domains were registered to the other ISP's nameservers. Their nameservers were poorly maintained, some domains had transferred, etc.. I also wanted to know if there were any domains that listed these nameservers as authoritative but weren't listed in the config files.
The only way to do this was a root zone transfer. I received an e-mail a few weeks ago from InterNIC stating that access would be renigged soon. I just checked and my access is gone. Luckily, I downloaded them all a few days ago.
Yes, some of the things I needed to check could have been done with Whois. But others couldn't. Of course, InterNIC is now offering monthly reports of domains associated with a nameserver but at the time, this service didn't exist.
I think it's bad policy to restrict access to people who have a legitimite need. Restricting access to root zone files will not stop spam to domain contacts. The spammers will simply scour other sources for e-mail addresses and run Whois queries on each domain they encounter. Yeah, it makes it a little bit harder but they'll do it nonetheless.
dig @192.5.5.241 com. axfr | gzip - > com.zone.gz
For the last few years, I have must have heard ten or twenty people talk about mining the zone files for marketing information. I can only assume that some of these obnoxious people have gone ahead and done just that.
I'm curious, though, if NSI will now open up a "service" for companies that want the files...
When those guys say
"All customer data is our intellectual property,"
are they saying that what they own is the knowledge that 205.244.119.10 = http://www.familycom.com or that what they own is the knowledge that http://www.familycom.com = 205.244.119.10 or what?
I see even classic Slashdot is now pretty much unusable on dial up anymore.
DNS spammers search the DNS database for valuable domains that are about to expire, then send repeated requests for the domain by E-mail, hoping they'll get it first. NSI is getting hit with thousands of spam requests a minute. As a result, it took me two weeks and a few phone calls to get a new domain registered. Fortunately, NSI's customer service is pretty good -- it had better be for what we pay.
Although NSI is certainly in the pocket of the military-industrial complex, I have even more contempt for most of the people who have complaints about namespace issues. In our culture, such disputes generally have nothing to do with free speech and everything to do with rip-offs, con artists and scumsuckers like the Canadian who owns 200,000 domain names and the "whitehouse.com" guy.
I love busybodies especially anonymous coward know it all mothery busybodies. Must be an american. Ha...
Land of the Free. Aside from all the people telling each other how to live their lives because it raises taxes for the rest of us.
Grrrrr....
While I'm not thrilled at the prospect of the root zones being considered "intellectual property" of NSI, I'm sick and tired of getting spammed with messages promoting hosting and search engine placement every fscking time that I register a domain for a client. Can a person both applaud and decry at the same time?
________________________
Corporate Jenga: You take a blockhead from the bottom and you put him on top...
Could someone explain to the more ignorant of us exactly *what* has been closed off? Just Zone transfers from the root servers? Or ability to send queries (and then, recursive, or not?)
If they did block non-recursive queries, surely the DNS system would stop....
Sorry, but I didn't find the article technically clear.
Adrian
complaining about the load on its servers.
That having been said. The DNS database is a public databse. The governement should have torn up thier contract.
Im work for one of the compaines that no longer has access to these.
They gave me a nice letter stating that using their list doesn't benifit the net so I can't have access. Now I have to craw the net looking for the same information. That seems to me to be alot worse for the net to me.
I heard rhumors that just about everyone will be denied access... seems to be true to me since I was withing acceptable use 6 months ago.
I'm not an expert on this, but aside from MS suing for copyright violation (which they'd almost certainly have a case for), yeah, I think that would be legal since the microsoft.com issued by Internic is different from the one issued by Alternic.
Kinda like if I have mr_poe@cats.ucsc.edu for an email address and I copyrighted the name, could I sue mr_poe@baltimore.ma.us? Hmmm... =:)
Ok, to preempt the flamers, yes that was a bad example.
I find the present DNS situation highly disturbing. I have written a very comprehensive document explaining why this is such a big threat.
Network Solutions monopolistic ambitions are clear. The difficult question is how to stop them. Right now there appears little that can be done other than trusting that the government and ICANN don't screw up.
not "transport". And it's IP addresses, not ...
TCP/IP addresses. And are they really bound
to domains? I'm not an expert on this, so I
better shut up now
Someone just tried to auction some domain names
on eBay for $1000.00, item #67595554, nobody
bid on em.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
As stated above, these are one possible route to undermining NSI's total grip on the "domain name market". But is it really all that impossible to get a new TLD widely listed? What about fine examples like .nu or .us? Heck, if you get enough important sysadmins to go along with it, you could have all kind of crazy TLDs flying around in the near future... (how about .alt, .biz, .fsf, or maybe even .slash? :o) )
This is what always happens when things get privatized. God, how long will it take the US to learn...
on another note, is it possible to set up an entirely separate hierarchy of domain names - entirely bypassing all these tyrrainical abuses of power?
-Laxative
Well, I can't speak for Sweden, but NZ does not have a socialist system, or anything close. Maybe fifteen or twenty years ago you could say that we had something close, but these days the economy is as capitalist as they come. I think that we actually have a more open market than the US (basically no tarrifs or subsidies). Whether this is a good thing or not is, of course, the subject of much debate...
- "I never could learn to drink that blood and call it wine" - Bob Dylan (Tight Connection to my Heart)
One who makes insulting generalizations about people an ocean away had better be perfect, or he leaves himself open to be attacked on any possible front.
"All of the data under the original cooperative agreement comes under our auspices. All customer data is our intellectual property," Clough said.
OK, I'm going to make a map and declare it my intelectual property, then everybody will have to pay me mucho dineros to use any of the roads...
I'm sick of it all
Has it ever occurred to you that God might be a committee?
Has it ever occurred to you that God might be a committee?
--- Jubal Harshaw
No, my first language isn't English. And the bad punctuation is more a matter of me being tired. My fingers keep thinking faster than my mind can type...
;-)
And I do love my ignorant self
Has it ever occurred to you that God might be a committee?
Has it ever occurred to you that God might be a committee?
--- Jubal Harshaw
# nslookup
.com in the file com.zone in the current directory.
Default Server: xxxxxxxxx
Address: X.Y.Z.W
> server f.root-servers.net
Default Server: f.root-servers.net
Address: 192.5.5.241
> ls com > com.zone
---
You get to see a lot of hashes (#) and end up with
Has it ever occurred to you that God might be a committee?
Has it ever occurred to you that God might be a committee?
--- Jubal Harshaw
You are correct, it is not mine and I have modified it to show this. When I found the quote, it was not attributed to anybody. If you have a reference I'd appreciate it.
Has it ever occurred to you that God might be a committee?
Has it ever occurred to you that God might be a committee?
--- Jubal Harshaw
While I agree that capitalism sucks, it's not a type of government, and neither is socialism. They are both types of economies, entirely different from government. You could easily have a capitalist dictatorship, or a socialist democracy, or a communist republic. I also wasn't aware that Sweden and New Zealand were socialist countries.
-matt
I agree. I really hate to think what I must sound like to someone who speeks spanish as their native tongue.
-matt
Some ISPs and universities need to stand up for freedom. If the InterNIC wants to stop spamming, they should announce a policy that they will remove any spamming domains on sight. Of course, they won't do that.
Has anyone ever looked into the history of NSI? From what I can tell, they were originally formed to perform contract work for the government whe, say, a company like AT&T was working for the government but needed to be 10% minority owned to comply with affirmativeaction regulations. NSI would step in and actually do the work, since they were (technically) minority-owned. It seems like an incredible abuse of the
affirmativeaction plan, which was intended to help small minority-owned businesses, not one or two millionaires.
Oh well. Entropy is always increasing, and the Internet is not excepted from that rule. Let's just hang together and do what *we* can for freedom.
Cheers,
Joshua. (I do mourn the death of --jon. all the more deeply because he kept this kind of madness from going on.)
--jon. Postel is dead. May we all mourn his, and our, loss.
From what I gathered from the article, they aren't closing access to the top level servers, in fact they aren't changing anything on the top level servers. They are taking away access to the zone files for the top level domains. You can still use whois and all that, personally it's an unfortunate consequence of people abusing those files. I can't tell you how much mail (e-mail and snail mail) I suddenly recieved after registering a domain for myself. I've stopped the address the domain is registered under because of all the spam it gets. However, I do think that they are also using it to deny access to competitors who should be given access. It doesn't seem to be as horrid as the original post makes it seem, but I'm sure that their motives aren't exactly pure. Goes to show how badly we need new domain policy and infrastructure in place.
Ummm...yeah. Actually brainchild, this is what happens when the government GIVES someone a monopoly, then realizes it was a mistake and that group does everything it can to hold onto the power it was given. See the phone companies and utilities for more on this.
Kick Ass!
Last time I checked, New Zealand had one of the largest deregulated/privitized telecom industries in the world.
I live there, and the MoneyGrabbingDingDongs (TM) are alive and positively squirming.
:v)
We've got service cutbacks, privatised this, privatised that, user pays and now some dork has the idea that it'd be good to cut the number of MPs. I suspect they'd like to reduce it to one.
DomaiNZ have the internet fairly well wrapped up as a closed shop, plus we have to pay data charges per megabyte (unless you don't mind having your access limited to a few hours - download Staroffice? Haha).
New Zealand ain't what it used to be and it needs a fair amount of stick from the rest of the world to make the policiticans here realise they can't rest on their laurels any longer. Or rely on the goodwill of the average Kiwi; It's all been sold overseas.
Vik
The only type of government that works is socialism. Just look at places such as Sweden and New Zealand!
DES Khaddafi KGB genetic jihad Uzi Rule Psix Qaddafi cryptographic Peking Mossad Legion of Doom Albanian Serbian Saddam
Bad idea. Currently, DNS looks at your local
(ISP, college, company, whatever) server rather
than sending the request halfway across the
Internet. That way the root servers don't melt
down from having to service zillions of requests,
since info is cached locally.
The only way to change this that's feasible is
to have your organization point to somebody else
as a root name server.
No, I believe you can still query their root name servers, just not download the entire database at once. DNS caching is still valid--- it's "prefetching" the entries that you need permission for. The downside for NSI is that they may see increased load on the root servers if fewer sites have up-to-date databases.