Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×

Domains May Disappear After Search 379

Ponca City, We Love You writes "Daily Domainer has a story alleging that there may be a leak that allows domain tasters to intercept, analyze and register your domain ideas in minutes. 'Every time you do a whois search with any service, you run a risk of losing your domain,' says one industry insider. ICANN's Security and Stability Advisory Committee (SSAC ) has not been able to find hard evidence of Domain Name Front Running but they have issued an advisory (pdf) for people to come forward with hard evidence it is happening. Here is how domain name research theft crimes can occur and some tips to avoiding being a victim."
This discussion has been archived. No new comments can be posted.

Domains May Disappear After Search

Comments Filter:
  • by jacquesm ( 154384 ) <jNO@SPAMww.com> on Friday December 28, 2007 @11:39AM (#21840264) Homepage
    Always use a command line tool. The webservices are notorious for such sniffing, I've never seen or heard about it happening from the unix command line.
    Better still, simply use your registrar to do a registration, if that works then it was free :)

    http://rndpic.com/ [rndpic.com]

    • by Pyrion ( 525584 ) on Friday December 28, 2007 @11:47AM (#21840350) Homepage
      SysInternals (now Microsoft) has a whois CLI tool for Windows as well.

      http://technet.microsoft.com/en-us/sysinternals/bb897435.aspx [microsoft.com]

    • by Anonymous Coward on Friday December 28, 2007 @12:11PM (#21840612)
      I am positive this happened to me, and I only used the whois command from the OpenBSD command line to look the domain up. It was not a domain name that I can imagine anyone else wanting, but it was fairly short. Two days later (after checking with my client) I went to register it and it had been taken. I became immediately suspicious. Three days after that, I see this story...

      Would it help anyone to know who took the domain? I can't seem to get to the article yet.
      • Re: (Score:3, Interesting)

        by jacquesm ( 154384 )
        Interesting! What provider where you using ? Which whois server and can you figure out the hops that your request passed through ? Chances are that your packets have been 'sniffed' at some hop in between your BSD machine and the whois registry server. That chance exists but is significantly smaller than having it happen when you use a web based service.

        The best protection is to keep the 'window' between testing and registering as short as you can manage, preferably no more than a few *minutes* !
        • Easier solution (Score:5, Interesting)

          by suggsjc ( 726146 ) on Friday December 28, 2007 @03:28PM (#21842468) Homepage
          Beat the scammers at their own game. Set up an automated script that does whois lookups for random combinations of words. More or less just flood them with requests and they won't be able to tell which ones are legit lookups. Whoever the douchebag is, will either eventually run out of money, or have to expend more time to improve his algorithm, or just blacklist your ip.
      • Re: (Score:3, Insightful)

        by sm62704 ( 957197 )
        Two days later (after checking with my client) I went to register it

        Why would you wait to days and check with your client when you can register a domain for about two bucks? I'm a cheapass but man, you have me beat. You can't even buy a single beer in a bar for two bucks!

        You should have gone ahead and registered it as soon as you thought of it without doing any whois lookup, THEN checked with your client. If he didn't want it you were out two bucks. If he did then you could have transferred it anywhere, to
      • by sporkmonger ( 922923 ) on Friday December 28, 2007 @03:34PM (#21842532) Homepage
        Happened to me too. Same exact story. Domain was good, but not something anyone else would be interested in. I did a search on a web service, and the domain was registered out from under me within an hour.

        The perpetrator, in this case, was one Hank Ceigler, who, it turns out, was working for GoDaddy at the time. I'm not sure if he was a contractor or a full-time employee, but he was definitely involved in the domain business. I contacted him to see if he was interested in selling the domain, and he quoted a price over twice the appraised value of the domain.

        I would love to know why GoDaddy is still allowed to register domains. They're scum.
      • by murdocj ( 543661 ) on Friday December 28, 2007 @03:43PM (#21842640)

        I am positive this happened to me, and I only used the whois command from the OpenBSD command line to look the domain up. It was not a domain name that I can imagine anyone else wanting, but it was fairly short. Two days later (after checking with my client) I went to register it and it had been taken. I became immediately suspicious. Three days after that, I see this story...

        Just to present a counterpoint: a couple of years ago, the opposite happened to me. I registered a domain name based on the name of my character in an online game. It was certainly an unusual name that I had never run into.

        A few days later, I got a somewhat angry email from someone wanting to know why I had taken that name, because it was their surname, and they had planned on registering it. Once I explained the situation the guy calmed down and all was well.

        But the moral is that it is quite possible that someone, completely innocently, took the domain you were researching, within a day or so you doing it, because that's exactly what happened with my domain. In my case, I just got lucky... 2 days later, the domain would have been gone.

    • Re: (Score:3, Insightful)

      by sm62704 ( 957197 )
      I didn't RTFA (I must not be new here and besides, it's a PDF) but the summary is pretty confusing.

      'Every time you do a whois search with any service, you run a risk of losing your domain,'

      So if I do a whois search on mcgrew.info [mcgrew.info] I risk losing my domain? That hardly seems likely! But if I hadn't registered it it wouldn't be mine, now would it? You cannot steal imaginary property, and if it's only in your head it's by definition imaginary.

      And why would one do a whois search to look up a domain one wanted? I'
      • Re: (Score:3, Interesting)

        by eh2o ( 471262 )
        Whois terms of use are for information lookups only to find the owner of a domain. Sniffing queries and buying up the non-taken names that someone has expressed interest in is, at the very least, a commercial application of the data, which is forbidden. The crime is contract breach.
    • by ardent99 ( 1087547 ) on Friday December 28, 2007 @01:32PM (#21841420)
      According to one of the articles linked, the command line is actually a worse alternative. NSLookup requests go through your ISP's domain name server, which logs the NXD (Non-eXistent Domain) responses. Many ISPs augment their revenue by selling this information.

      Doing a whois request at a reliable registrar's web-site doesn't go through your ISP's DNS. The larger registrars are probably more trustworthy than your run-of-the-mill ISP. For example, I believe GoDaddy and Network Solutions have stated that they would never provide such information to third parties.

    • by thecountryofmike ( 744040 ) on Friday December 28, 2007 @02:16PM (#21841860)
      Several years ago, I mentioned to my roommate at the time that it would be cool to register thinkoutsidethebox.com. Before I knew it, he had typed the name into some website that supposedly lets you know if the name is taken or not. I was like "Dude, why would you do that? They'll just end up registering the name themselves!".

      The domain wasn't registered when he queried it. But since he didn't buy it right then and there, it WAS registered an hour or so later, by the very site he typed it into.

      This has been going on for years, but now the scammers don't even have to rely on roommate stupidity.

  • Data mining (Score:5, Informative)

    by karl.auerbach ( 157250 ) on Friday December 28, 2007 @11:44AM (#21840304) Homepage
    It has long been rumored that domain name registries snap up names when they see signs of interest. Unfortunately ICANN's committees don't have the tools to really open up the clamshell and see what is really going on deep inside registries and registrars.

    However, there is another matter - that of data mining of the query packets that arrive at root and top level domain servers.

    ICANN's contracts do not prohibit data mining of the query stream, in fact they openly permit it. Thus Verisign has the right to look at incoming queries and generate a body of information about what domain names are being uttered by users. It's not a big step from that to come up with a list of names that would be nice things to have if one wants to spatter up a bunch of Google Adsense ads and collect click revenue.

    (Also, because the entire domain name, not just the top level parts, hits root and top level domain servers, through a bit of statistical reduction, one can produce a data stream that is of interest not only to paying marketeers but, perhaps, to certain national intelligence agencies.)
    • Re:Data mining (Score:4, Interesting)

      by kalirion ( 728907 ) on Friday December 28, 2007 @01:31PM (#21841416)
      There have been articles about it before, and I know for a fact that some registrars reserve a domain as soon as someone uses their site to do an availability/whois search for it. Several days later the reservation is released. During this period only that registrar can be used to register the domain. For the customer, this has both an advantage and a disadvantage.

      The obvious disadvantage is that they can't use one registrar to determine that a domain is available and then shop around and use a cheaper registrar to actually buy the domain.

      The advantage is that no third party squatter will be able to snipe the domain for themselves - unless of course they use the same registrar.
      • Re:Data mining (Score:4, Interesting)

        by v1 ( 525388 ) on Friday December 28, 2007 @04:14PM (#21842970) Homepage Journal
        Scenario: you go to your fav registrar, regme.com, and test for bluetulipsandmore.com and it's available. regme.com locks it and sits on it for a few days. They see another query for it on their site 2 days later, probably from you as a followup test. This taste moves bluetulipsandmore.com to a second list they are keeping. They sell this second list to some scum they do business with, including bluetulipsandmore.com and about 8,000 other addresses that have been "tasted" in the last few weeks. The scum looks over the list of interesting unregistered (but reserved) domains, and cherry picks 100 of them to actually register, including your beloved bluetulipsandmore.com. Now you go to register it and poof, it's already registered. You go to that site and find it's been parked and has a convenient link to email gimmebackmydomain@gmail.com where you can purchase the domain after they do a background check on you to find out how much they can squeeze out of you. Instead of registering the link for $7 or so, you fork over $200 for it since you don't have any other choice. regme.com sees a $20 cut of that a month later.

        THIS is one of the things they are trying to prevent.
  • by jafiwam ( 310805 ) on Friday December 28, 2007 @11:45AM (#21840306) Homepage Journal
    Though, not on the "in minutes" time scale.

    My buddy and I even made up names with random letters in a string of 15 or 20, then some porn words stuck on the end ".com".

    Sure enough, two days later some squatter had them.

    I think the leak is in the registrars themselves. Imagine the money someone could get from the squatters by simply setting up a script to automatically email these queries somewhere.

    "Never a more wretched den of scum and villany" describes the whole domain registration process pretty well I think.
    • by Shotgun ( 30919 ) on Friday December 28, 2007 @12:18PM (#21840694)
      My buddy and I even made up names with random letters in a string of 15 or 20, then some porn words stuck on the end ".com".

      So there's the answer to the problem. Bombard the servers with requests for random names. The sleazoids will be forced to either go through the names manually, looking for likely candidates, OR they'll have to register everything...which might tend to get a tad expensive. A script that would hit the whois server with a single randomly generated name every time someone logged into a linux box would probably not put undue hardship on the root servers, but still generate way to many names to feasibly register.

      The way to break a scam is to make it expensive to continue. A similar scheme could work for spam. Go through the filtered emails, making a list of URLs. Wait for slow network usage, and do a throttled wget to /dev/null on the websites. Once they can't sell Viagra from their DDOSed site, they'll stop. Someone will eventually try spamming with a URL of a big corporation. The big CEO will sit down with the Pres, explain their problem, the finally the FBI, CIA, NSA, MADD, and AARP will all be called out, and the spam problem will finally be brought to an end. (Heh, I jest...but only slightly).
      • Re: (Score:3, Insightful)

        by John Hasler ( 414242 )
        > So there's the answer to the problem. Bombard the servers with requests for random names.
        > The sleazoids will be forced to either go through the names manually, looking for likely
        > candidates, OR they'll have to register everything...which might tend to get a tad
        > expensive.

        It doesn't cost them a penny. Google "domain tasting".
        • by TheCarp ( 96830 ) * <sjc@@@carpanet...net> on Friday December 28, 2007 @01:06PM (#21841212) Homepage
          ahhhh however....

          if a concerted effort were made to cause them to truely jam up the system with this. We could potentially cause them to have a cost. you see...they can taste and taste but realize that there is a bigger fish who is letting them taste his waters.... the registrar that allows tasting.

          So... right now, domain squatting is a headache for us, but overall, a minor one, and an even more minor one for the resgitrar. If we could hit them with enough queries, that they truely "taste up" the system... you do two things....

          1) You decrease their profit per domain
          2) You cause headaches for the registrar as you turn up the volume and jam things up for everyone else

          thus... you make their bottom line a small bit worst, and their cost to the tit they are feeding off of go up.

          Do it enough and they will either have to stop using whois, or the registrars will stop letting them taste.

          Either way, its a win for everyone else. This is totally one of those things where the situation needs to get worst so it can be made better, there is currently just no real pressure on the registrars.

          I say.... jam up whois with queries!

          -Steve
          • by TheCarp ( 96830 ) * <sjc@@@carpanet...net> on Friday December 28, 2007 @01:09PM (#21841240) Homepage
            Oh yah...alternately....

            if one of these guys was found in his home, dead, his lifeless body hanging by a rope attached to his testicles, blood completely drained, and the word "SQUATTER" carved into his flesh (with forensics reporting it was carved in before he died).... well that would make the news.

            If it then happened to one more of these guys every week... we might see a decrease in this buisness model.

            Not encouraging anyone...just... planting seeds.... maybe some will take root....

      • by orclevegam ( 940336 ) on Friday December 28, 2007 @12:28PM (#21840826) Journal
        As some have pointed out it costs the squatter nothing. They have a loophole because many registrars allow a 30 day trial period on a domain in which you can have it and if you decide you don't want it you can get rid of it for no cost. The squatters can then play a shell game by having a set of dummy companies swap the domain between themselves without ever passing the 30 day mark. With only 3 companies a squatter could tie a domain up for just under 3 months, and never have to pay a penny.
        • Comment removed (Score:5, Informative)

          by account_deleted ( 4530225 ) on Friday December 28, 2007 @12:47PM (#21841040)
          Comment removed based on user account deletion
      • by Se7enLC ( 714730 ) on Friday December 28, 2007 @01:31PM (#21841410) Homepage Journal
        A company already tried that one. Blue Frog [wikipedia.org] maintained a list of "do not spam" email addresses. Every time a user got a spam message, it would go to the websites being spammed and submit all the web forms with "do not spam me" spam, linking back to bluefrog. Basically a DDOS. There was a lot of backlash for that one and bluefrog is no longer in the anti-spam crusade business.
    • Re: (Score:3, Informative)

      by Tiger4 ( 840741 )
      I just tried it over at Network Solutions (took three words and glued them together). The made up name wasn't registered. They not only offered to register the name for me, but it also offered me common Misspellings that would be a near match, common search term names similar to the one I queried, and Premium names that are already available for sale, all on the same registration page. How much of a stretch is it to assume they track this kind of thing and pass it on to someone to register?
    • Re: (Score:3, Interesting)

      by vimh42 ( 981236 )
      No doubt. A number of years ago I wanted to register a domain name so I did a lookup and found that it was available. I wasn't sure who I was going to use to host so I didn't register right away. Two days later a domain squatting company registered it for a year. I waited till that year was up and did another whois. The domain was available. I made the mistake of not registering it then and there. A day later, the domain was registered for the period of five years. In this six years, never has the domain be
  • by TheWoozle ( 984500 ) on Friday December 28, 2007 @11:46AM (#21840330)
    Over the years, the Internet and its resulting commercialization have lead to some truly awful buzzwords and mangling of the language (may the person who first coined "blog" rot in hell)...

    But ye gods! "domain tasting"?!

    I can see it now... "The slashdot.org '97 was a superb one; It had a playful nose, a full, rich body and a piquant aftertaste. The digg.com '07, however, can only be described in scatalogical terms."
  • by InvisblePinkUnicorn ( 1126837 ) on Friday December 28, 2007 @11:46AM (#21840334)
    How does this apply to me? I make it a point whenever entering my credit card number and personal information into an order form, to do a Google search first to make sure someone else doesn't have the same information, so they don't get confused and send my order to them instead.
  • Theft? Crimes? (Score:5, Insightful)

    by mi ( 197448 ) <slashdot-2017q4@virtual-estates.net> on Friday December 28, 2007 @11:47AM (#21840338) Homepage Journal

    Here is how domain name research theft crimes [emphasis mine -mi] can occur

    Theft? Crimes? Does Slashdot now think, an idea can be "property" and/or "stolen"?

    • by Chysn ( 898420 )
      > Theft? Crimes? Does Slashdot now think, an idea can be "property" and/or "stolen"?

      Too-SHAY.
  • Not a new trend. (Score:4, Informative)

    by palegray.net ( 1195047 ) <philip.paradisNO@SPAMpalegray.net> on Friday December 28, 2007 @11:50AM (#21840400) Homepage Journal
    I'll swear this has been happening for years. I've taken to the habit of not searching for a new domain until I'm ready to buy it, right then and there. In the past, I've seen cases where customers have searched for a domain, found it to be available, and by the time they had a meeting the next morning to discuss buying it have it be registered by someone else (usually a squatter). In a sense, it's just common sense that a lot of the domain search "services" would engage in a competitive practice like this. I'm not saying it's ethical, but it's been going on for a long time.

    Maybe the community can come up with a list of guaranteed reputable domain search services that take measures to prevent this sort of activity, and support those organizations.

    • This type of domain name sniffing and squatting has been happening for years. I 'tested' registration of a domain name on ICANNs biggest contractor. They havent changed their page. and the next morning, as I was paying for the registration, the registration record came up 'owned' by someone else. ( Purchased the following day. Since I tested the name at about 11:15 p.m. It was an automated system, in place and doing its dirty work.) A squatting company in Pasadena, who sold it to someone in Oregon. Nothing
  • Don't use Godaddy (Score:3, Interesting)

    by teknopurge ( 199509 ) on Friday December 28, 2007 @11:51AM (#21840404) Homepage
    I've heard rumors of GD domain "tasting" for the past 18 months, maybe longer. If true, it's pretty pathetic that they need to do that in order to make money.
    • Actually, Bob Parsons (CEO of GoDaddy) has been complaining about "domain tasting" and "domain kiting" for years. Google Bob Parsons domain tasting [google.com] and look at the results. I wouldn't be surprised if it's happening upstream from Godaddy, but I'd be shocked to find Godaddy is in any way willingly facilitating the practise.

  • by asv108 ( 141455 ) <asv@i[ ]s.com ['vos' in gap]> on Friday December 28, 2007 @11:51AM (#21840406) Homepage Journal
    I've executed many whois domain searches in the past, only to find the domain I looked at registered the next day. There are a few ways to avoid this problem:
    • Register a domain as soon as you search for it
    • Avoid using registry based WHOIS tools.
    The ICANN requirements for becoming a registrar are VERY weak. There are a lot of disreputable operations out there who could be colluding with domain prospectors. Even with the bigger registry operations, its still possible for people to get access to the whois queries. You have no idea what that web whois box is actually querying, and there is no privacy guarantee.
    • Comment removed (Score:5, Informative)

      by account_deleted ( 4530225 ) on Friday December 28, 2007 @12:12PM (#21840614)
      Comment removed based on user account deletion
      • > This happened with me on godaddy, one of the biggest.

        And one of the least reputable.
        • by zyzko ( 6739 ) <kari.asikainen@ g m ail.com> on Friday December 28, 2007 @12:48PM (#21841054)
          Could you back that up? There are horror stories for every registrar, but GoDaddy is in my opinion one of the best of the cheap ones. Their customer support actually works (I have always got a response to email within 2 hours - Network Solutions has 12-24 hour answer time at best and they cost 5x as much as GoDaddy, not to mention their refusal policy to transfer domains to other registrars without phonecalls (I'm not living in the USA so the phonecalls to them are expensive international ones) just because they think transfer is "suspicious").

          Also - GoDaddy has a quite nice spam policy - which other cheap registrars often don't have and they actually do not care much because being too strict about spam would not give them income.

          joker.com would be nice because their web interface is clean and they don't try to sell you a kitchen sink with your domain, but their spam policy has at least in the past been non-existant.
    • Re: (Score:3, Interesting)

      by zyzko ( 6739 )
      If you got Unix shell access what's wrong with dig soa yourdomain.com? No need to use whois, and the only one who knows you did the query is the TLD operator, and if they (for .com Verisign) are corrupt and sell this data you are screwed.
  • by zakeria ( 1031430 ) on Friday December 28, 2007 @11:53AM (#21840420) Homepage
    perhaps whois should provide Md5 lookup for a domain instead so people cant snoop at the domain being queried.. so instead of for example whois: somedomain.tld its whois: a79f888f1c2dc50c6b354c0d816f5bf5 simple and effective.
    • That's an *excellent* suggestion !

      Also, if you have to use a web based tool use a reputable registrar (I'm using 'moniker' now, after having used bulkregister for years but I didn't feel like staying with enom after the bulkregister takeover, enom has a pretty bad rep, as does godaddy).

    • Uhm... except for that whole problem of hash collisions. Plus as was already pointed out it doesn't do you any good when it looks like it's the registrars themselves snooping you. Using hashes would also require the registrars to maintain a second registration DB of hashes which invariably will mean one of them will offer a hash -> domain mapping service and you're right back at square one (more or less, would have to be "hash" -> "list of possible domains" due to collisions).
    • Re: (Score:3, Interesting)

      Comment removed based on user account deletion
  • Would it be possible to request so many nonexistant domains to make this unprofitable? Or would they just figure you're having a seizure at your keyboard and drop your IP from the logs?
    • by jandrese ( 485 ) <kensama@vt.edu> on Friday December 28, 2007 @12:01PM (#21840496) Homepage Journal
      No, because they get to sit on the domain name for free for 30 days and then drop it if they want. Domain Name registration is an amazingly shady part of the internet for being such an important piece. I have long suspected that the registrars (especially the no-name ones) and the domain squatters are one in the same.
      • Publish the names you've looked up so that other people can run a script to hit them.
        After a few hits, the squatter will register the domain. This costs $$
        it cost you nothing to do a whois and run an automated script to hit random
        URLs from a list. Once a domain is registered, it can be dropped from the list
        and never pinged again.
  • that will query random domain names.

    Millions of them. Have fun squatters!
    • I hope you are joking, please don't do this, abusing the whois system is an excellent way to get yourself blacklisted in inconvenient places. Piss off enough people and you will be in the shithouse for years to come.
  • by Simon Carr ( 1788 ) <slashdot.org@simoncarr.com> on Friday December 28, 2007 @11:56AM (#21840464) Homepage
    I'm more than just not surprised by this, I've known it without proof for years. Doing queries for total junk domains, and then three or four days later finding out that those domains had been registered? Too weird. And that was years ago.


    One of the problems stem from the fact that any whois query can be sniffed (or SNORTed) if it passes over the wrong network hop anyway, so there isn't much you can do unless you're ready on the trigger to register the domain almost immediately. One thing you CAN do if you're going to do web queries (because not everybody has a whois command line installed) is query via;


    https://www.easywhois.com/ [easywhois.com]


    Note httpS. I can certify that Mark J doesn't do domain tasting [privateworld.com], that's not the business EasyDNS is in [www.cnw.ca]. So if you do do a query via EasyWhois it's not going to get snagged after 24 hours (at least not from our end).


    [ Disclaimer: Yeah I work for EasyDNS :) ]

    • Re: (Score:2, Insightful)

      by Anonymous Coward
      Having the connection between your browser and the registrar encrypted is irrelevent, as the whois query the registrar sends out will be unaffected.
      • As noted, yep. But at least you can cut down on the variables if you're using a more reputable web front-end. Mark has gone on the record to make whois search privacy an issue.
  • by DeeQ ( 1194763 )
    There is a opt out program so that your WHOIS isn't tracked.
  • by rickb928 ( 945187 ) on Friday December 28, 2007 @12:06PM (#21840552) Homepage Journal
    Period.

    Much of not most of the spam I'm deflecting nowadays seems to come from 'tasted' domains. Or just made up. I almost don't care about the difference.

    The last time I read about this, more than a month ago, one snarky idea was to script a tool to randomly taste domains, constantly. If the registrars are forwarding the requests to squatters, they would go crazy with the surge in requests. The squatters would fritter away resources keeping up with these random searches, and eventually the WHOIS functionality of the registrars would have to change. And the script would change, and so on.

    I think domain tasting ought to go away, or cost something. $2 for a 14 day taste would wreck the economics, maybe, certainly if random search scripts got going. My server could probably do 100,000 searches a day. I know it can send out 3-4 million spams a weekend, sadly.

    Of course, the registrars could block my IP after a while. And blocks of IPs. So we need a Seti@Home-type script that hammers these things out, and let them block every dialup/dsl/cable/sat block. Hehe.

    No, it's not devious enough.

  • Trial garbage (Score:5, Insightful)

    by Dan East ( 318230 ) on Friday December 28, 2007 @12:06PM (#21840554) Journal
    Can anyone give one legitimate reason why anyone would need to "trial" a domain? Is that to see how it looks in the browser's address bar?

    Wouldn't doing away with that stupidity make things a lot harder for these losers that park / squat domains?

    Dan East
    • by flonker ( 526111 ) on Friday December 28, 2007 @01:51PM (#21841622)
      Stolen credit cards, spelling mistakes, simple "changing your mind."

      Back in the day when a domain registration was $100 for two years, we had the misfortune to hire a dyslexic person to type in orders. We ended up losing several thousand dollars, (quite a lot for a small business,) and even having him double and triple check the spelling didn't work. In short, he was let go after a few months.
  • Common sense (Score:4, Interesting)

    by huckamania ( 533052 ) on Friday December 28, 2007 @12:10PM (#21840590) Journal
    Packets are being sniffed as they traverse thru the tubes. Try this, do a google search for something made up. Try to get a page result of 0. Do this a few times and write down each time you get a 0 result. Come back in a few days and do a google search and you will probably find some custom pages. Is this google tasting?

    I'm thinking that I'm not liking the direction this is going...

    Sniffing, tasting, hmmm, what comes next, digesting? Excreting?
    • Re: (Score:3, Funny)

      by houstonbofh ( 602064 )
      Packets are being sniffed as they traverse thru the tubes. Try this, do a google search for something made up. Try to get a page result of 0. Do this a few times and write down each time you get a 0 result. Come back in a few days and do a google search and you will probably find some custom pages. Is this google tasting?

      Interesting... I just tried with the word "carkfuck" and got 0 results. I wonder what it will look like next week? Oh Shit! It will point to slashdot!

      PS: I had to try a few nonsen
  • Google it first..? (Score:5, Insightful)

    by garatheus ( 993376 ) on Friday December 28, 2007 @12:13PM (#21840638)
    When thinking of potential domain names, I usually use the inurl: function in Google. I generally only use part of the name too - that way you're able to see all the potential variations of the domain name you're thinking of working with (and possibly giving you some inspiration too)...
  • When I read this, I was a bit concerned there might be someway queries were being intercepted by command line tools, but that doesn't seem to be the case. I have a big list of open domain names that I was considering about 15 months ago, and doing a quick survey just now, there are quite a number that are still open. There were also a number of them that were now taken, but the dates on them didn't show any particular scary pattern. Just sometime in the last 15 months someone else thought of my rejects. :)

  • by smooth wombat ( 796938 ) on Friday December 28, 2007 @12:22PM (#21840746) Journal
    Apparently, this story goes along with this one [slashdot.org].


    I guess from now on one will have to register a name blind and see what happens.

  • Don't use whois. Just open up a webbrowser and enter the doman you want. See what the browser returns. If possible use different dns servers or locations. Your search should look like normal web querys. Onces you are sure that you domain isn't registered go snarp up the fucker.

    • Omg don't do that! (Score:5, Informative)

      by sakdoctor ( 1087155 ) on Friday December 28, 2007 @12:39PM (#21840956) Homepage
      From the page linked from TFA:

      "It is such a strong urge to type the domain name into the address bar and see what website comes up. Most users think perhaps there is already a company using the name and this will be a quick end to the question. Wrong! This is the most dangerous thing to do. Internet Service Providers (ISP) sell NXD (Non-eXistent Domain) data."
  • Anyone up for flooding the Internet with whois requests so these automated processes register up a ton of crap domains & burn up all their funding ?
  • by davidwr ( 791652 ) on Friday December 28, 2007 @12:30PM (#21840840) Homepage Journal
    I posted this [slashdot.org] over 18 hours ago. I checked it on Network Solutions's web-based Whois last night and again a few minutes ago. The domain is available.

    By the way, the solution to the "tasting" problem is to either put a very low limit on the number of "free tastes" people or companies can have in a year.

    Another way is to simply charge tem a pro-rated amount based on a minimum usage, say, 1/26 of the annual fee for 2 weeks.

    Another way is to charge a non-refundable setup fee, say, 1/12 of the annual fee, which would be credited against the 12th month of service. Whatever this fee is, it should cover the actual costs of registering and de-registering a domain plus provide an optional small profit to the registrar.
  • by Animats ( 122034 ) on Friday December 28, 2007 @12:33PM (#21840868) Homepage

    There's been some concern about this over at the Anti-Phishing Working Group. Much phishing seems to come from domains held for very short periods. But it turns out that's not "domain tasting". It's phishers buying domains with stolen credit card numbers, using retail domain registrars. After a few days, the credit card number is detected as stolen, the transaction is reversed by the bank, and the registrar deletes the domain.

    This seems to be a separate problem from "domain tasting". But the "grace period" loophole that makes "domain tasting" possible also enables this scam. If registrars couldn't return domains to the TLD registry without paying, they'd have to raise their standards of customer validation.

  • How far "up the chain" would someone have to be that would allow them to register domains "for free" for an extended period of time (6 months)? Is it possible these Domain Squatters can make a profit because of corruption somewhere, IE they pay only funny money for domain registration?
  • by Nom du Keyboard ( 633989 ) on Friday December 28, 2007 @12:46PM (#21841026)
    Why is this so hard to verify. Use each registrar to test availability of domain xyzzyplugh99.com, changing the index number "99" for each test. Try back the next day and see which ones are sudden unavailable, then complain LOUDLY!
  • This is old news (Score:3, Interesting)

    by LM741N ( 258038 ) on Friday December 28, 2007 @01:06PM (#21841216)
    Its happened to me several times and the domain names were not very common words- or words at all for that matter.
  • by ajs318 ( 655362 ) <{sd_resp2} {at} {earthshod.co.uk}> on Saturday December 29, 2007 @07:41AM (#21847732)
    This sort of thing has been going on for ages. You check on a domain name, it turns out to be available, then next day it's mysteriously gone. After all, why would someone check up on the availability of a domain name unless they were interested in buying it? And if they're interested in buying it, maybe they wouldn't object to paying a bit more for it?

    If you can afford a Nominet membership, two static IP addresses and a Linux box with Apache, Perl, GPG and BIND, you too can become a domain scammer! Sell domain names "from" some riduculously low figure, which -- it transpires, after reading the small print, which is so small you have to press ctrl + "+" several times just to be able to see it -- only applies to long, unpronounceable strings, with actual words coming at a higher rate. Set yourself up a dodgy affiliate programme {is that a tautology?} where people can put a little form on their pages querying your WHOIS service. A little drive-by download which diverts other domain queries to your own server wouldn't go amiss {best to do this from one of your affiliates' pages, though}. Now you know what domains people are looking up and, being a Nominet member, you are in a position to register the most interesting ones straight away {you can even do this fully-automatically, since all you have to do to buy a domain is send a GPG-encrypted email}.

    Registering a domain is so cheap, if you're a member of Nominet, that it's worth a few failures for the successes you will achieve. (You can also register easy mistypings of the name, and post content there which might help persuade the owner of the correctly-spelt domain to purchase those domains from you.)

FORTUNE'S FUN FACTS TO KNOW AND TELL: A giant panda bear is really a member of the racoon family.

Working...