North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: 'Whois protection service'
- From: Joshua Brady
- Date: Wed Jan 26 22:52:13 2005
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=fZsTyLhRQK2r3kqFBVg8p50ZJUmBXYsE4TpYP53lkxrXCNKnwg8OiCCHxM6419FK6cE+NmanE8u5LqBYits/Tu/N6jk2t9KhVw4owpLimB3C2s0AsyhL8zCoy+K71TluVfCaEc56zfhhYsJtqFwpK58cAdNDEBhZBrMt1MlL0lI=
On Thu, 27 Jan 2005 16:26:00 +1300 (NZDT), Mark Foster
<blakjak@blakjak.net> wrote:
>
> Hi folks.
Hello Mark,
> Don't post a lot here but i'm figuring you folks will know more about this
> than my local NOG...
Glad to have you on NANOG.
> When investigating a host that spammed me today, I noted that when I
> whois'd the domain that the mailserver involved has forward/reverse dns
> pair for, the domain whois information comes up as follows:
>
> Found crsnic referral to whois.enom.com.
>
> Registration Service Provided By: Registerfly.com
> Contact: support@registerflysupport.com
> Visit: http://www.RegisterFly.com
>
> Domain name: xmux.com
>
> Registrant Contact:
> RegisterFly.com - Ref# 14155933
> Whois Protection Service - ProtectFly.com (14155933.fly@spamfly.com)
>
> I'm unsure how appropriate it is to post anything more specific in the
> open forum, but i've never seen this before. Whats the deal with hiding a
> domain name owners true identity?
> Is this not simply yet another protect-the-spammers mechanism?
It will probably be called off-topic, flamed and dragged through the
mud, yet to answer your question. It is fully legit, yet it does have
its bad sides. I use it personally to keep prank callers from calling
me directly.
[soms@posche /]$ whois somsworld.com
[Querying whois.internic.net]
[Redirected to whois.godaddy.com]
[Querying whois.godaddy.com]
[whois.godaddy.com]
Registrant:
Domains by Proxy, Inc.
15111 N Hayden Rd., Suite 160
PMB353
Scottsdale, Arizona 85260
United States
Registered through: GoDaddy.com
Domain Name: SOMSWORLD.COM
Created on: 25-Aug-04
Expires on: 25-Aug-05
Last Updated on: 18-Jan-05
Administrative Contact:
Private, Registration SOMSWORLD.COM@domainsbyproxy.com
Domains by Proxy, Inc.
15111 N Hayden Rd., Suite 160
PMB353
Scottsdale, Arizona 85260
United States
(480) 624-2599 Fax --
Technical Contact:
Private, Registration SOMSWORLD.COM@domainsbyproxy.com
Domains by Proxy, Inc.
15111 N Hayden Rd., Suite 160
PMB353
Scottsdale, Arizona 85260
United States
(480) 624-2599 Fax --
Domain servers in listed order:
NS1.HITMANIT.COM
NS2.HITMANIT.COM
> I followed up the chain - the authoritive DNS servers for the domain in
> question are hosts within a different domain, and this also has the same
> protection engaged....
>
> Is this old hat or something new? Is this still conformant to standard
> .com/net registrant rules and regs? (here in .nz, the registry information
> is required to be current and valid, and i've never seen a Registrar pass
> itself off as the owner of a domain before (at least in any legitimate
> situation))
It is all current information, and valid. I have gotten letters passed
through to me from godaddy. Its a perfectly legit situation. Yet in
your case it may not be, and it may be used to hide the person.
> Thanks in advance,
> Mark.
--
Joshua Brady
|
