NameStarter.com :: domaining business blog // Domaining for Domainers

Archive for the ‘domain security’ Category

VeriSign Offers Tools to Secure Domain Names

April 7, 2010domain security, Domain Services, domain theft, Domaining, Domainnamewire, registry lock, VeriSignComments Off on VeriSign Offers Tools to Secure Domain Names

Two tools from VeriSign help keep your domain names secure.

VeriSign two factor authenticationWith a couple recent high profile domain thefts, and the recent hijacking of Baidu’s nameserver settings, I reached out to VeriSign Chief Technology Officer Ken Silva to learn what VeriSign offers to help domain owners protect themselves.

“Over the next 12 months, we’re working so that from the time a person registers a domain name and creates an account to when it gets resolved, almost every single solitary aspect of the process will have the ability to be much more secure,” said Silva.

A number of protections are already offered to VeriSign’s registrar channel to help lock down domains.

VeriSign Registry Lock is a service that would have prevented the hijacking of Baidu.com’s nameservers.

“Once the domain is set and configured with its nameservers, it cannot be changed by anyone except the registry itself,” explained Silva.

Registry Lock essentially locks down the domain at the registry level. Anyone wishing to make a change that is controlled by the registry needs to go through their registrar, which in turn passes along verification to VeriSign.

Since VeriSign manages .net and .com, which use a “thin whois”, this basically means the name servers are protected. Information about the registered user is held only by the registrar, so VeriSign can’t directly protect a change to the registered user with this lock. Registry Lock is an ideal service for Fortune 500s and other companies that rarely need to change their name servers, but would be significantly affected by a hijacking. This service certainly would have saved CheckFree and Baidu a lot of money and public relations headaches.

VeriSign also offers two factor authentication, which enables registrars to more securely authenticate logins. Domain owners don’t have to worry about passwords getting compromised because a second authentication mechanism is used.

For example, Name.com offers a key fob with constantly changing security pins.

In another example, domain owners can download an iPhone app that is then registered with the service. Whenever a user logs in to his registrar account, the app will provide a one time pin or password for authentication. VeriSign already offers this service for non-domain web sites, such as PayPal.

Helping registrars offer services to protect registrants is a big part of VeriSign’s security push. But it also goes further as the company wants to protect the entire domain transaction — including visiting any .com web site. VeriSign is currently implementing DNSSEC. Look for it to be applied to .edu first, then rolled out to .net and .com.


© DomainNameWire.com 2009.

Review and rate domain name parking companies at Parking Judge.

Related posts:

  1. VeriSign: 162 Million Domain Names Registered
  2. VeriSign Gets Patent for Suggesting Alternative Domain Names
  3. Breaking: VeriSign Hikes Domain Prices Again

Domain Registrars Often Blamed for Customers’ Mistakes

October 20, 2009domain expiration, Domain Registrars, domain security, domain theft, Domaining, Domainnamewire, eNom, GoDaddyComments Off on Domain Registrars Often Blamed for Customers’ Mistakes

Critical customer mistakes often blamed on domain registrars.

Domain security tipsWhen online backup service CrashPlan.com went down earlier this month, the company was quick to blame its domain name registrar GoDaddy. Code 42 Software, which runs the CrashPlan.com service, tweeted about how GoDaddy “mistakenly removed our root nameserver entry”, “inappropriately took over our DNS”, and did a DNS “hijack”.

What Code 42 Software never tweeted was that it had mistakenly let the domain name expire. The outage was Code 42’s fault, not GoDaddy’s.

None of the previous five e-mails GoDaddy sent to Code 42 Software alerting them to the impending expiration got the company’s attention.

The myth that GoDaddy was to blame then spread across the web. One commenter on an unrelated CNET story wrote that “GoDaddy somehow hosed their domain.” (Code 42 Software did not respond to a request for comment for this story.)

Domain registrars frequently get thrown under the bus when one of their customers makes a mistake. In another case, a registrant of a popular web site had their non-Go Daddy email account compromised, which allowed an attacker to steal their domain name by transferring it away from GoDaddy. The customer publicly blamed GoDaddy, even though the problem was with the customer’s e-mail security.

GoDaddy deals with the brunt of attacks like this, given its massive size and mass market strategy. But other registrars feel the heat, too. Earlier this year fingers were pointed at eNom when several high value domain names were stolen. The real culprit? The customer used a weak password, allowing the thief to access their account.

Companies with popular web sites have a number of added tools they should use to protect against many of the most common domain problems. Moniker and Fabulous offer domain locking tools with added security. GoDaddy offers Protected Registration. Companies should also subscribe to DomainTools’ Registrant Alert to find out about potential theft quickly. The sidebar of this story has other tips for protecting your domain names.

The difficulty for domain registrars is how quickly misinformation spreads across the web. It doesn’t matter that it was Code 42’s fault that CrashPlan.com went down. It doesn’t matter that it wasn’t the registrar’s fault that a domain was stolen. Just the accusation, combined with the viral nature of social media, can damage a registrar’s reputation.


© DomainNameWire.com 2009.

Review and rate domain name parking companies at Parking Judge.

Related posts:

  1. Domain Registrars Offer Discounts if You Ask; $5.99 Renewals at GoDaddy
  2. Role of Domain Registrars to Change Over Next 5 Years
  3. Expired Domain Services Let Employees Bid Against Customers

Domain Registrars Often Blamed for Customers’ Mistakes

October 20, 2009domain expiration, Domain Registrars, domain security, domain theft, Domaining, Domainnamewire, eNom, GoDaddyComments Off on Domain Registrars Often Blamed for Customers’ Mistakes

Critical customer mistakes often blamed on domain registrars.

Domain security tipsWhen online backup service CrashPlan.com went down earlier this month, the company was quick to blame its domain name registrar GoDaddy. Code 42 Software, which runs the CrashPlan.com service, tweeted about how GoDaddy “mistakenly removed our root nameserver entry”, “inappropriately took over our DNS”, and did a DNS “hijack”.

What Code 42 Software never tweeted was that it had mistakenly let the domain name expire. The outage was Code 42’s fault, not GoDaddy’s.

None of the previous five e-mails GoDaddy sent to Code 42 Software alerting them to the impending expiration got the company’s attention.

The myth that GoDaddy was to blame then spread across the web. One commenter on an unrelated CNET story wrote that “GoDaddy somehow hosed their domain.” (Code 42 Software did not respond to a request for comment for this story.)

Domain registrars frequently get thrown under the bus when one of their customers makes a mistake. In another case, a registrant of a popular web site had their non-Go Daddy email account compromised, which allowed an attacker to steal their domain name by transferring it away from GoDaddy. The customer publicly blamed GoDaddy, even though the problem was with the customer’s e-mail security.

GoDaddy deals with the brunt of attacks like this, given its massive size and mass market strategy. But other registrars feel the heat, too. Earlier this year fingers were pointed at eNom when several high value domain names were stolen. The real culprit? The customer used a weak password, allowing the thief to access their account.

Companies with popular web sites have a number of added tools they should use to protect against many of the most common domain problems. Moniker and Fabulous offer domain locking tools with added security. GoDaddy offers Protected Registration. Companies should also subscribe to DomainTools’ Registrant Alert to find out about potential theft quickly. The sidebar of this story has other tips for protecting your domain names.

The difficulty for domain registrars is how quickly misinformation spreads across the web. It doesn’t matter that it was Code 42’s fault that CrashPlan.com went down. It doesn’t matter that it wasn’t the registrar’s fault that a domain was stolen. Just the accusation, combined with the viral nature of social media, can damage a registrar’s reputation.


© DomainNameWire.com 2009.

Review and rate domain name parking companies at Parking Judge.

Related posts:

  1. Domain Registrars Offer Discounts if You Ask; $5.99 Renewals at GoDaddy
  2. What Should Domain Registrars Do with Expired Domain Names?
  3. Expired Domain Services Let Employees Bid Against Customers