Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

WHOIS db datamining

  • From: Scott Francis
  • Date: Tue Feb 12 00:16:13 2002


Apologies for starting a new thread - I seem to recall one recently regarding
somebody who was having difficulty making more than X requests per Y seconds
to the WHOIS servers (receiving disconnects). Received a spam recently from
212.171.42.117 offering the contents of .com/.net/.org/.edu on 4 CDs (reported
to the usual sources - spamcop, abuse@domain, abuse@upstream, and in this case,
abuse@internic.net (see below) ).

My annoyance at receiving a spam is fairly limited - I have become used to it
by now. However, I am curious - the WHOIS servers (some of them, anyway) contain
a statement in the connect message that explicitly prohibits commercial use of
the registry. And IIRC that earlier thread, too many connection attempts from a
single location in a certain amount of time would cause a disconnect
(presumably to thwart this very type of datamining).

====
"By submitting a WHOIS query, you agree that you will use this Data only for
lawful purposes and that, under no circumstances will you use this Data to:
(1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail
(spam); or  (2) enable high volume, automated, electronic processes
that apply to Network Solutions (or its systems)."
====

Is NetSol/VeriSign serious about enforcing this? Are they willing to
blackhole abusers? One would think it would be a trivial matter to engineer
the servers such that more than X attempts per Y seconds either results in
a block (temporary or permanent) or flags the activity for later review (a la
IDS). Perhaps I am vastly oversimplifying such a task.

I sent my concerns to NetSol's abuse department already, but I hold little
hope of that achieving anything of lasting significance. I was really hoping
to get either "been there, done that", "try X" or even "this is off-topic -
stop polluting the list" from those of you that have been down this road
before.

-- 
Scott Francis                   darkuncle@ [home:] d a r k u n c l e . n e t
Systems/Network Manager          sfrancis@ [work:]         t o n o s . c o m
GPG public key 0xCB33CCA7              illum oportet crescere me autem minui




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.