.ru will block international sales from the first of april and are .be and .eu ready ?

First the .cn domain blocks all international sales and says that it will go through an internal clean-up after becoming one of the most malicious domains on earth and the internet. It will now become necessary to go in person with your identity papers to the offices to get an .cn domain name. For the time being, but I suppose that a verification process will be set up so that things can go faster.

Secondly we see an expected migration of malicious domains to the .ru domain that are being used for fastflux botnets, phishing and malware infections

The .ru domain has announced that it also will clean up this mess and stop the international sales starting the first of april and will control the identity of those who want to buy a domain name with the .ru domainextension.

Where will they go after that ?

They need a domain extension that you can register online with bogus addresses that aren't controlled instantly with temporary creditcards and for which the registrars (the companies that sell the domainnames) don't ask too many questions.

.be and .eu have proven to be in that category because last year there were a number of fastfluxdomains with these domainextensions. After some weeks of campaigning on this blog and some contacts and lobbying behind closed doors, the sites were downed by a coordinated action of the FCCU, Justice Department and DNS.Be but meanwhile some people have left DNS.Be and it is not clear if the procedures and contacts will still hold when an new onslaught of malicious domains will start.

The greatest danger for any domainextension is that they wait too long to intervene so that after a while the filtering on mailservers and internetconnections will just blacklist any domain with that domainextension (as most now do for .cn and .ru) and that the international value of that domain just crashes.

For the moment aside the .ru dominance of the fastflux botnetdomains, .uk and .kr are the most prevalent in the listings. They should contact arbor networks to clean up and get a procedure to block those domains at the rootlevel of their domainextension. It is the only way to stop fastflux botnets and it increases the responsability of the different players in the domainextension world.

Yes, the global insecurity of the internet has reached your business on a level that you will have to take coordinated fast drastic actions if you want to survive - even as a business. Nobody will want to buy a local domainname if its reputation is tarnished by an international crimegang and blocked by thousands of networks.

The comments are closed.