[TECH] Domain Parking / Squatting

Ian Andrew Bell (ibell@cisco.com)
Tue, 26 Jan 1999 14:05:11 -0800


Yet again, I've been looking into the practise of Domain Squatting. The
InterNIC is at the centre of controversy because someone is abusing
their systems and policies, causing massive failure in their processes.

The techniques used by domain squatters, outlined below, is at the root
of the problem.

Background:

The most prolific "domain parker" on the Internet is Vancouver's own
Jerry Sumpton, of Freeview listings (he's actually located a few floors
below Simon Kan's office). He's become quite well known on the Internet
for registering tens of thousands of domain names and is probably the
number one abuser of the InterNIC's 2-month grace period for putting
domain names on hold when they haven't been paid for. By simply
resubmitting registrations whenever the grace period lapses he can hang
on to domain names ad infinitum. This is causing massive problems with
the InterNIC registration service and prevents people from getting
decent domain names.

Current Status:
http://www.news.com/News/Item/0,4,21333,00.html
http://rs.internic.net/cgi-bin/whois?JS1578

Past Articles About Mailbank:
http://www.zdnet.com/pcweek/news/0624/28enic.html
http://www.wired.com/news/print_version/story/96.html
http://detnews.com/1996/menu/stories/60733.htm

And From NTKnow?
http://www.ntk.net

"The .com artists, NETWORK SOLUTIONS, got hit with more nasty
hacks by domain name speculators. People are now reserving
.com addresses, sitting out the thirty days before you have
to pay up, and then - just before NSI's automated system
releases the domain again - bludgeoning the Internic servers
with thousands of new reservation requests. That lets the
speculators hold domain names indefinitely without paying a
penny. It also crashes NSI's servers, as the more worthy (or
less sneaky) domain masters have discovered. Network
Solution's answer has been intriguing: instead of devising a
more sophisticated reservation system (genuine name &
address authentication? PGP registration? actually holding
people to the requirement that they have valid DNS
servers?), they've simply deleted the "Status" and "Last
changed" fields from the whois database without telling
anyone. You'll note that this a) potentially busts other
programs, b) doesn't solve the problem, since the domain
name speculators already *know* when they reserved the
domain. Network Solutions - placing the emphasis on neither.
http://www.netsol.com/
- we're just asking to be put on hold, aren't we?"

Jerry Sumpton has between 15,000 and 30,000 names registered (most of
the common names in the US telephone book, as well as any available
nouns in the dictionary are included in this). He's registered so many
names that he has actually broken the NT version of BIND, since clearly
the designers hadn't planned their implementation to ever be the host
for that many domain names -- who would?

The "official" business model for Jerry's employer, Mailbank, is that
they will sell you a mailbox on their servers for $4.95/year. Given the
cost of sustaining a yearly InterNIC bill greater than 1 million dollars
this is not a reasonable, self-sustaining business case. The REAL goal
for Mailbank is to sell the domain names that they've been holding
hostage for tens of thousands of dollars to big companies. They tried
this with Avery-Dennison Inc. -- instead of paying the $13,000.00 USD
fee that Mailbank demanded for the names "avery.net" and "dennison.net"
they chose to litigate and won the names for $600.

The NIC is clearly too stupid or too greedy to solve this problem.
Jerry and crew are clearly being reckless with other peoples' money and
are deluding themselves into believing that holding domain names for
ransom is their path to financial freedom.

-Ian.

_____________________________________________________________________
Ian Andrew Bell ibell@cisco.com
Business Development Manager 408.525.8630
Global Alliances Partners Engineering 800.365.4578
Cisco Systems Inc. .:|:..:|:.