There is new leadership at DNS.Be, and maybe our battering on security had some effect, but the new head of DNS.Be says that every day they manually go over all the newly registered .be domain names and throw out those that are malicious or need more investigation.
According to the chief of DNS.Be, they have already thrown out a whole bunch of domain names.
It doesn't have to be a manual operation, though, but the fact that there are at least some controls and checks is already a good step in the right direction. The advantage is that after a while you become so accustomed to the flow of registrations that you develop a knowledge and a gut feeling that become your main tool for doing this job in an ever-diminishing timeframe.
The second step should be to set up a warning and information exchange system between DNS.Be and other domain extension operators, so that registrations that were flagged, blocked or stopped in one domain zone are also blocked in another if they have the same characteristics.
And after a while you will have a secret database with the historic information about the registrations of all these malicious domain names (thousands every day).
Even if it doesn't stop the cybercriminals, we shouldn't make it too easy either.
And the next step would be that domain names or registrars that have been flagged can no longer use anonymization services for DNS or WHOIS.
The report showing that .be was the fifth biggest victim of fast-flux domain name registrations had some effect.