02/03/2009

January action: killing a fast-flux .be phishing botnet is a success

On the 13th of January we first found .be and .eu domains, listed on phishtank.com and in listings from Arbor Networks, that made no sense as names: they were just random combinations of words and letters. Nearly all of them were registered by Belgates.be.

It was clear that this looked like a botnet campaign using a fast-flux technique (presentation) to make it difficult to take down. Some of the zombies (infected computers that are part of the botnet) were also located in Belgian universities.
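The fast-flux pattern mentioned above is visible in DNS alone: a name keeps answering with short TTLs, and each lookup returns a different handful of addresses spread across unrelated consumer networks (the zombies). The script below is an added example, not code from the original post or from any of the parties it names; it applies the usual indicators (low TTL, many distinct IPs, many distinct /16 prefixes, churn between lookup rounds) to a constructed set of DNS answers. The names, addresses and thresholds are assumptions chosen for illustration.

```python
# Fast-flux indicators computed from repeated DNS A-record lookups.
# Added example; the thresholds and sample data are assumptions, not the
# criteria actually used by dns.be, Arbor Networks or the FCCU in 2009.
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Answer:
    """One A record returned by one lookup round for a name."""
    name: str
    lookup: int  # which lookup round the record came from (0, 1, 2, ...)
    ttl: int     # TTL in seconds as returned by the resolver
    ip: str


def _prefix16(ip: str) -> str:
    """Coarse network-diversity key: the first two octets of an IPv4 address."""
    a, b, *_ = ip.split(".")
    return f"{a}.{b}"


def flux_indicators(answers):
    """Summarise per-name indicators commonly used to spot fast-flux hosting.

    Returns {name: {"ips": int, "prefixes": int, "min_ttl": int, "churn": float}}
    where churn is the fraction of IPs seen in later rounds that were absent in round 0.
    """
    by_name = defaultdict(list)
    for ans in answers:
        by_name[ans.name].append(ans)

    result = {}
    for name, recs in by_name.items():
        ips = {r.ip for r in recs}
        first = {r.ip for r in recs if r.lookup == 0}
        later = {r.ip for r in recs if r.lookup > 0}
        churn = len(later - first) / len(later) if later else 0.0
        result[name] = {
            "ips": len(ips),
            "prefixes": len({_prefix16(ip) for ip in ips}),
            "min_ttl": min(r.ttl for r in recs),
            "churn": churn,
        }
    return result


def is_fast_flux(ind, max_ttl=300, min_ips=5, min_prefixes=3, min_churn=0.3):
    """Flag a name only when short TTL, IP spread and churn all coincide (assumed thresholds)."""
    return (ind["min_ttl"] <= max_ttl and ind["ips"] >= min_ips
            and ind["prefixes"] >= min_prefixes and ind["churn"] >= min_churn)


# Constructed sample: three lookup rounds of a suspicious name and two of a benign one.
SAMPLE = [
    # suspicious: TTL of 120 s, a different mix of addresses in unrelated networks each round
    Answer("xkqz-ltrv.example", 0, 120, "81.240.10.5"),
    Answer("xkqz-ltrv.example", 0, 120, "91.182.77.9"),
    Answer("xkqz-ltrv.example", 0, 120, "195.37.4.201"),
    Answer("xkqz-ltrv.example", 1, 120, "81.240.10.5"),
    Answer("xkqz-ltrv.example", 1, 120, "62.205.99.14"),
    Answer("xkqz-ltrv.example", 1, 120, "213.49.3.77"),
    Answer("xkqz-ltrv.example", 2, 120, "178.117.60.2"),
    Answer("xkqz-ltrv.example", 2, 120, "84.195.8.120"),
    # benign-looking: one-day TTL, the same two addresses in one /16 every round
    Answer("www.example", 0, 86400, "192.0.2.10"),
    Answer("www.example", 0, 86400, "192.0.2.11"),
    Answer("www.example", 1, 86400, "192.0.2.10"),
    Answer("www.example", 1, 86400, "192.0.2.11"),
]


def classify(answers=SAMPLE):
    """Return the set of names flagged as fast flux for a batch of answers."""
    return {n for n, ind in flux_indicators(answers).items() if is_fast_flux(ind)}


if __name__ == "__main__":
    for name, ind in flux_indicators(SAMPLE).items():
        print(name, ind, "FLUX" if is_fast_flux(ind) else "ok")
```

In practice the answers would come from querying each suspect name every few minutes over an hour or more; a single lookup cannot show churn, and a legitimate CDN can also return short TTLs, which is why the check requires all indicators together rather than any one of them.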


Some of them were disabled, but there were enough of them left to alert dns.be that this was going on. This matters for any domain extension: in the movement from blacklisting to whitelisting domains and domain extensions, an abused extension could be blocked wholesale, which could kill smaller domain extensions. ICANN has also published guidelines and a report about fast-flux botnets, which is open for public comment now.

This is why we appealed to the authorities to act quickly and not to end up in a situation in which, because we have no CERT, everybody is looking at everybody but nobody is doing anything.

So we kept up the pressure: publishing list after list, hanging on the phone, and trying to help the people who were actually responsible for solving the matter.

We would say that this wouldn't have been possible if all involved hadn't worked together (Arbor Networks for the intelligence, FCCU for the legal part and DNS.Be for its quick responsiveness and initiatives).

It is for this reason, and with this attitude, that the .be domain extension can, will and must become a safe domain. Organized crime should look elsewhere: we keep watch over what is happening on our domain extension and will invoke our stringent cybercriminality and domain-ownership laws to keep the bad guys out.

Every local domain extension should do the same:

* make connections with the security community

* have a direct line with the local computer-crime police unit

* make sure the law can respond in time

* adapt your terms of use so that much of the abuse can be dealt with under your own regulations

DNS.Be has announced that it has blocked more than 150 .be domain names that were active in that fast-flux botnet.

In February we will go after the typosquatters in the .be domain, so stay tuned and see how we finish this month......

09:57