IDN Forums - Internationalized Domain Names  
Home | Advertise on idnforums | Premium Membership

Go Back   IDN Forums - Internationalized Domain Names > IDN Discussions > General Discussion

General Discussion Feel free to talk about anything and everything in this board.

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 11th April 2008, 08:18 PM
Senior Member
 
Join Date: Dec 2006
Posts: 1,036
iTrader: (32)
Rep Power: 723
khurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished road
Send a message via Skype™ to khurtsiya
Question How to secure your IDNs from hijacking?

So isn't it bad - hundreds/thousands IDNs in dynadot (f.e.) account protected by just one password. It can be stoled by trojan and by-by all investments...

So what can we do to protect our domains? What my brain generated is:
  • keep 50/100 domains per account, so if someone hacks one account you will lose just 50/100 domains
  • try to change passwords as often as you can, f.e. once a week or two or may be month
  • your thought...
__________________
Киев.com.ua - offers welcome
Reply With Quote
  #2 (permalink)  
Old 11th April 2008, 09:52 PM
Jay's Avatar
Jay Jay is offline
Senior Member
 
Join Date: Feb 2008
Location: Where angels fear to tread
Posts: 1,303
iTrader: (23)
Rep Power: 1694
Jay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enough
Re: How to secure your IDNs from hijacking?

I would think that the registrar, if not ICANN, would do something to recover those domains. Domain hijacking has been a serious issue in the past, and I would expect that the processes of domain recovery for the legitimate owners are much improved. Of course, you can never be too safe.
__________________
________________________________________________________________

IDN.enterprises - buying, selling, brokering IDNs
Reply With Quote
  #3 (permalink)  
Old 11th April 2008, 10:14 PM
mdw's Avatar
mdw mdw is offline
Member
 
Join Date: Jul 2006
Location: upstairs
Posts: 838
iTrader: (24)
Rep Power: 569
mdw is an unknown quantity at this point
Re: How to secure your IDNs from hijacking?

Best defenses:
1. use a registrar you trust
2. put at least 2 email addresses in contacts of WHOIS record to avoid single point of failure
3. use monitoring service like http://www.domaintools.com/monitor/ to monitor changes

These are proactive, that's why they are the best. The strategy is to either avoid the issue from arising, or at least make sure you are notified when a domain is being transferred. Trying to recover something after the fact is only good as a last resort.
.
.
.
.

Last edited by mdw; 12th April 2008 at 12:32 AM..
Reply With Quote
  #4 (permalink)  
Old 12th April 2008, 03:38 AM
Wot's Avatar
Wot Wot is offline
Senior Member
 
Join Date: May 2006
Posts: 3,588
iTrader: (30)
Rep Power: 1666
Wot will become famous soon enoughWot will become famous soon enoughWot will become famous soon enoughWot will become famous soon enoughWot will become famous soon enoughWot will become famous soon enoughWot will become famous soon enough
Re: How to secure your IDNs from hijacking?

Ensure that the names you have regged are complete crap and then nobody will want them.
__________________
红旗.com

Last edited by Wot; 12th April 2008 at 05:13 AM..
Reply With Quote
  #5 (permalink)  
Old 12th April 2008, 04:28 AM
touchring's Avatar
Veteran
 
Join Date: Dec 2005
Posts: 7,547
iTrader: (29)
Rep Power: 1257
touchring is an unknown quantity at this point
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ajiotaj
So isn't it bad - hundreds/thousands IDNs in dynadot (f.e.) account protected by just one password. It can be stoled by trojan and by-by all investments...

So what can we do to protect our domains? What my brain generated is:
  • keep 50/100 domains per account, so if someone hacks one account you will lose just 50/100 domains
  • try to change passwords as often as you can, f.e. once a week or two or may be month
  • your thought...

Install a desktop firewall and security application like zonealarm, that prevents any new application from accessing the internet or start as a service. It will prompt everytime a new application tries to do these.
Reply With Quote
  #6 (permalink)  
Old 12th April 2008, 07:04 AM
Member
 
Join Date: Jan 2006
Location: US
Posts: 372
iTrader: (2)
Rep Power: 534
Ross is an unknown quantity at this point
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by touchring
Install a desktop firewall and security application like zonealarm, that prevents any new application from accessing the internet or start as a service. It will prompt everytime a new application tries to do these.

Don't use windows and you don't need to worry about this crap.

.
Reply With Quote
  #7 (permalink)  
Old 12th April 2008, 07:39 AM
Rubber Duck's Avatar
Veteran
 
Join Date: Sep 2005
Location: Czech Republic (For those of you from USA = Chechnya)
Posts: 15,929
iTrader: (59)
Rep Power: 4507
Rubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura aboutRubber Duck has a spectacular aura about
Re: How to secure your IDNs from hijacking?

Don't enter into any kind of contractual arrangement that might be open to misinterpretation without the advice of a competent legal advisor.
__________________
All offers to sell are void.
Reply With Quote
  #8 (permalink)  
Old 12th April 2008, 09:18 AM
Senior Member
 
Join Date: Dec 2006
Posts: 1,036
iTrader: (32)
Rep Power: 723
khurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished road
Send a message via Skype™ to khurtsiya
Re: How to secure your IDNs from hijacking?

Thanks to ALL for replies! Very helpful.

Quote:
Originally Posted by Jay
I would think that the registrar, if not ICANN, would do something to recover those domains. Domain hijacking has been a serious issue in the past, and I would expect that the processes of domain recovery for the legitimate owners are much improved. Of course, you can never be too safe.
How you can prove that you was the owner of domains and they was stolen if somebody enters into your account and pushes them to his account? I think in such situation registrar can't help you anyhow. Am I wrong?
__________________
Киев.com.ua - offers welcome
Reply With Quote
  #9 (permalink)  
Old 12th April 2008, 09:23 AM
Member
 
Join Date: Jan 2006
Location: US
Posts: 372
iTrader: (2)
Rep Power: 534
Ross is an unknown quantity at this point
Re: How to secure your IDNs from hijacking?

At dynadot, even if you are logged in, you need to enter your birthday in order to unlock domains. You can't transfer domains unless they are unlocked. So, a person who gained your password would still need to know your birthday.

.
Reply With Quote
  #10 (permalink)  
Old 12th April 2008, 09:27 AM
Senior Member
 
Join Date: Dec 2006
Posts: 1,036
iTrader: (32)
Rep Power: 723
khurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished road
Send a message via Skype™ to khurtsiya
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ross
At dynadot, even if you are logged in, you need to enter your birthday in order to unlock domains. You can't transfer domains unless they are unlocked. So, a person who gained your password would still need to know your birthday.

.
Noticed this too. But I think this is still not safe. That person can easy get my birthday... Well, may be no so easy, but still can.
__________________
Киев.com.ua - offers welcome
Reply With Quote
  #11 (permalink)  
Old 12th April 2008, 01:15 PM
touchring's Avatar
Veteran
 
Join Date: Dec 2005
Posts: 7,547
iTrader: (29)
Rep Power: 1257
touchring is an unknown quantity at this point
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ajiotaj
Noticed this too. But I think this is still not safe. That person can easy get my birthday... Well, may be no so easy, but still can.
use your mum's birthday.
Reply With Quote
  #12 (permalink)  
Old 12th April 2008, 07:02 PM
Jay's Avatar
Jay Jay is offline
Senior Member
 
Join Date: Feb 2008
Location: Where angels fear to tread
Posts: 1,303
iTrader: (23)
Rep Power: 1694
Jay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enough
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ajiotaj
How you can prove that you was the owner of domains and they was stolen if somebody enters into your account and pushes them to his account? I think in such situation registrar can't help you anyhow. Am I wrong?
Your ownership details are kept by the registry, so it shouldn't be hard to prove that you were the owner. I think the problem would be in establishing that it wasn't a legitimate transfer. If the IP address that accesses your domains is different and this information is kept by the registry, then that would look suspicious. My understanding is that good registrars will carry out an investigation if you file a complaint of hijacking. The problem is in cases where registrars aren't very helpful or don't want to get involved. Then it becomes a matter of you undertaking litigation or going through ICANN, but both are a hassle.

Perhaps it is best to ask a registrar like Dynadot or DomainSite what recovery procedures they have in place in such instances? It would be of interest to many of us I would think.
__________________
________________________________________________________________

IDN.enterprises - buying, selling, brokering IDNs
Reply With Quote
  #13 (permalink)  
Old 14th April 2008, 08:08 AM
Senior Member
 
Join Date: Dec 2006
Posts: 1,036
iTrader: (32)
Rep Power: 723
khurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished road
Send a message via Skype™ to khurtsiya
Re: How to secure your IDNs from hijacking?

Hello,

We would have to consider each situation differently, depending on the facts we are presented with.
- Hide quoted text -

Best Regards,
Dynadot Staff

--------------------------------------------------
DYNADOT... $8.99 domain names... $1/mo. web hosting
http://www.dynadot.com



> Thanks for the answer.
>
> And what can You do if it is a push to another Dynadot account? How
> can I prove that this was hijack and not legitimate push?
>
> Regards,
>
> Michael
>
> On Sun, Apr 13, 2008 at 8:22 AM, Dynadot Info <info@dynadot.com> wrote:
> > Hello,
> >
> > The best way to secure your domains is to keep your username/password secure.
> >
> > However, if someone manages to steal your domain, please let us know as soon as possible and we can work with the new registrar to get them back. It takes a long time, so it is best to avoid this situation.
> >
> > Best Regards,
> > Dynadot Staff
> >
> > --------------------------------------------------
> > DYNADOT... $8.99 domain names... $1/mo. web hosting
> > http://www.dynadot.com
> >
> >
> >
> > > Hi
> > >
> > > I have many domains at Dynadot and have a question about securing them.
> > >
> > > If someone stole password from my account and knows my birthday (to unlock domains) how can I get them back?
> > >
> > > What will be Your suggestions in such case?
> > >
> > > Regards,
> > >
> > > Michael
> > >
> > >
> > >
> >
>
>
>
__________________
Киев.com.ua - offers welcome
Reply With Quote
  #14 (permalink)  
Old 14th April 2008, 08:11 AM
Member
 
Join Date: Jan 2006
Location: US
Posts: 372
iTrader: (2)
Rep Power: 534
Ross is an unknown quantity at this point
Re: How to secure your IDNs from hijacking?

Why are you so worried about this?

Do you have reason to believe that people are actively trying to steal your domains now?

.
Reply With Quote
  #15 (permalink)  
Old 14th April 2008, 08:15 AM
Senior Member
 
Join Date: Dec 2006
Posts: 1,036
iTrader: (32)
Rep Power: 723
khurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished road
Send a message via Skype™ to khurtsiya
Re: How to secure your IDNs from hijacking?

I have many domains in my acc and do not want lose them because of I was not much interested in security problems and tips.
__________________
Киев.com.ua - offers welcome
Reply With Quote
  #16 (permalink)  
Old 14th April 2008, 08:38 AM
Member
 
Join Date: Jan 2006
Location: US
Posts: 372
iTrader: (2)
Rep Power: 534
Ross is an unknown quantity at this point
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ajiotaj
I have many domains in my acc and do not want lose them because of I was not much interested in security problems and tips.

No different than anybody else here. You still didn't answer my question.

.
Reply With Quote
  #17 (permalink)  
Old 14th April 2008, 08:13 PM
Jay's Avatar
Jay Jay is offline
Senior Member
 
Join Date: Feb 2008
Location: Where angels fear to tread
Posts: 1,303
iTrader: (23)
Rep Power: 1694
Jay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enoughJay will become famous soon enough
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ajiotaj
We would have to consider each situation differently, depending on the facts we are presented with.
Registrars like Dynadot often get complaints of domain hijacking which are either just people forgetting to renew their names and then those domains being lawfully taken by others, or else other parties who also have rights to those domains transferring them without the permission of their colleagues. Legitimate cases like you are talking about are taken much more seriously - it is theft after all.

Quote:
Originally Posted by Ajiotaj
> > However, if someone manages to steal your domain, please let us know as soon as possible and we can work with the new registrar to get them back. It takes a long time, so it is best to avoid this situation.
> >
> > Best Regards,
> > Dynadot Staff
Like I said, it depends on the registrar. Dynadot looks like they will do what they can to assist in such cases, which is good PR and good news for us. The question is whether the registrar they are moved to will be as cooperative. If not, ICANN would need to get involved in a drawn out and possibly expensive process.
__________________
________________________________________________________________

IDN.enterprises - buying, selling, brokering IDNs

Last edited by Jay; 14th April 2008 at 08:17 PM.. Reason: Automerged Doublepost
Reply With Quote
  #18 (permalink)  
Old 15th April 2008, 12:36 PM
Senior Member
 
Join Date: Dec 2006
Posts: 1,036
iTrader: (32)
Rep Power: 723
khurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished road
Send a message via Skype™ to khurtsiya
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ross
No different than anybody else here. You still didn't answer my question.

.
No, I do not have.

I just want this not to happen.

In most cases You will have reasons just right after domains already gone

IMO
__________________
Киев.com.ua - offers welcome
Reply With Quote
  #19 (permalink)  
Old 15th April 2008, 01:21 PM
Member
 
Join Date: Jan 2006
Location: US
Posts: 372
iTrader: (2)
Rep Power: 534
Ross is an unknown quantity at this point
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ajiotaj
No, I do not have.

I just want this not to happen.

In most cases You will have reasons just right after domains already gone

IMO

If you have high-profile domains, people will be working round-the-clock to try to steal them. It's just a fact of life. I would personally put these type of domains at Moniker.

.
Reply With Quote
  #20 (permalink)  
Old 17th April 2008, 05:32 AM
Senior Member
 
Join Date: Dec 2006
Posts: 1,036
iTrader: (32)
Rep Power: 723
khurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished roadkhurtsiya is on a distinguished road
Send a message via Skype™ to khurtsiya
Re: How to secure your IDNs from hijacking?

Quote:
Originally Posted by Ross
I would personally put these type of domains at Moniker.

.
Thanks!

Can You explain why, please?
__________________
Киев.com.ua - offers welcome
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 10:39 PM.

Site Sponsors
Your ad here
buy t-shirt
מחיר הזהב

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0
Copyright idnforums.com 2005

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54