StratVantage Consulting, LLC — Mike’s Take on the News 09/04/01
Clipped from: http://www.stratvantage.com/news/090401.htm
The News – 09/04/01
In this Issue:
There’s nothing like a monopoly. You get to make your own rules and wield power however you want. So I guess it’s not surprising that, when ICANN gave monopolies to the registrars for the seven new top level domains (.biz, .name, .pro, .museum, .info, .aero, and .coop), there’d be opportunities for abuse. Turns out abuse is practically mandated in the new domain operators’ contracts, which entitles them to register up to 10,000 domains for themselves before allowing anyone else access. This means that 10,000 of the most valuable, juiciest domain names are likely to not be available to all comers. Names like business.biz, museum.museum and the like could be controlled by the domain registrar, who could auction them to the highest bidders. Afilias, a consortium of 18 companies and domain registrar for the .info domain, has registered search.info, for example. ICANN argues that a registry operator will need a wide range of addresses on that registry in order to work effectively. Here’s a list of names reserved by NeuLevel, the administrator of the .biz gTLD (generic Top Level Domain).
As if that’s not bad enough, other registrants have taken many desirable domain names in the early registration period, which is supposed to be available only to trademark owners. So if you had your heart set on getting sports.info, computer.info, bank.info, or finance.info, you can forget it. All have been snapped up by registrants who did not hold legitimate trademarks. Afilias says they’ll take action in December, after their review of the early registration period ends. One study found that of 11,000 .info registrations, between 15 and 25 percent were bogus. My personal favorite bogus registration was for bible.info, which claimed its trademark number was “1”. Not according to the USPTO, it’s not. With all this potential cybersquatting, Afilias has its work cut out for it if it hopes to clear it all up by yearend.
Domain registrar NeuLevel, which was awarded the .biz monopoly, has been accused by Amazon of running an illegal lottery, and has filed suit to defend itself. At issue is the pre-registration period NeuLevel established in which applicants pay a small fee to reserve the rights to a name. On September 17, the company will randomly award contested names. I don’t know about you, but that sounds an awful lot like a lottery to me. However, I don’t really know how else a registrar can resolve multiple claims for a single name, unless there’s trademark or other intellectual property rights at stake (like in cocacola.biz). Amazon supposedly has said in a letter to the company, “NeuLevel is deriving enhanced revenues by selling chances to register or to challenge registration of domain names that incorporate famous trademarks such as AMAZON.COM.” NeuLevel counters with a reasonable-sounding point: other firms, such as Amazon Imaging Inc., might reasonably stake a claim to the address www.amazon.biz. “Because amazon.com and amazon.biz exist in different top-level domains, they resolve to different and unique Internet addresses and thus can function and coexist without collision,” the suit says. Where’s Solomon when we need him?
The bottom line on all of this is, as I’ve said before , the new domain names will not provide any relief to the overcrowding of the .com top level domain. In a random check of .info registrations, the usual suspects held the domains coke.info, pepsi.info, nike.info, and nbc.info. How exactly is this better? If Amazon is insisting on getting Amazon.biz, even though they are by far not the only Amazon in the world, what can we expect of names like “Excel,” which are applied to various businesses in various industries. Trademark law allows this because a trademark only applies to a class of trade. The new gTLDs are not industry-specific, and so chaos will again reign, and the big companies will scoop up all the good names.
That being said, businesses need to evaluate the need for representation in the new gTLDs. Do you want your competition to register your name? Most businesses have no choice other than registering in all the gTLDs possible. It’s a shame ICANN has not come up with a better solution. Heck, at this point, we may not ever see a better solution.
- Shameless Self-Promotion Dept.: StratVantage’s P2P4B2B – Peer to Peer for Business Directory was featured in the July 16th issue of Network World File Sharing newsletter, along with some nice mentions of white papers I’ve done. Even more impressive is the fact that a search for “StratVantage” on Google now gets you two pages of hits! Hoohoo!
- New Wireless SIG: Geneer has created the Midwest Wireless Application Developers Special Interest Group (SIG) a non-commercial group designed to promote discussion of wireless developer tips and tools. The first meeting is Tuesday, Sept. 18, 2001, and features Guest Presenter Rod Massie of Motient Corp., provider of eLinkSM and BlackBerry™ by Motient wireless email services. Rod’s topic is Developers’ Tips & Secrets for Motient’s Terrestrial Network and Motorola’s DataTAC Technology. The free meeting runs from 6:00 PM to 8:30 PM at the Marriott Suites, 8535 W. Higgins Road, Chicago, Illinois.
- I Want This Gadget: In the Cool Tools Department this issue is the Clever Cam 360, a digital camera, Webcam and camcorder combination that is the size of a pen. The device captures 45 seconds of streaming video and can store up to 360 digital stills. Plus, with its USB interface, you can attach it to your laptop and send the family a live video stream from your lonely hotel room. Plus, kids, it’s under $90!
- Fighting Back Against Code Red: Alert SNS Reader Andrew points out that there are more benign ways to fight back against the Code Red worm. Some server administrators use a script that “simply exploits the ability to run an executable to fire up the NT command ‘net send’ to send a pop-up message box on every machine in that domain with the text ‘Your Webserver is infected with the Code Red Virus! Please remove it from the Internet and apply the Microsoft Hot Fixes to correct this!’ This is not nearly as bad as rebooting some other person’s server randomly. Rebooting a CodeRed II infected server does no good as the worm installs a backdoor allowing a cracker to come in at any time.” This is indeed a more benign solution, but it still involves running a program on a server without authorization. However, it could be argued that this solution is no more invasive than sending an email. Your opinion?
The URL listed below this item takes you to a page of possible FightBack responses that also includes the log of attacks on just one Web server. Two things are notable about this log. First, it represents more than 7,000 attacks since July 19th from more than 2,500 hosts. That’s amazing. Second, many, if not most, of these attacks are coming from people with cable modems. In fact, Cox Cable, Las Vegas, represented more than 4,000 of the attacks compared with roughly 700 for Excite@Home and 500 for RoadRunner. What makes this interesting is the fact that most cable modem and DSL companies forbid their users from running any kind of server.
One very confusing aspect about all the Code Red coverage involves whether or not Microsoft’s Personal Web Server is vulnerable. Microsoft requires you to install PWS when you install FrontPage, their Web authoring tool. Many FrontPage users probably did the install back when they were still learning about the Web and have forgotten that they are running a Web server on their computers. However, neither Microsoft nor CERT nor Information Warfare thinks PWS is vulnerable. Some reports claim PWS is vulnerable to Code Red when run on Windows NT or 2000, but Information Warfare says it doesn’t even run on 2000, and indeed I couldn’t install it on my Windows 2000 machine. PWS does run on Windows NT Workstation, according to the site. Whatever the real deal is, it just may be possible that some of these attacks are coming from people who do not know they are running PWS or Internet Information Server (IIS). However, your machine is not vulnerable unless you are running Windows NT or 2000.
Regardless of the possible Code Red vulnerability, you should probably not be unintentionally running a Web server, as they can expose you to threats without your knowledge. You can check to see if PWS or IIS is running on your machine. One easy way is to see if you have either of the following directories: C:/Webshare/Wwwroot or C:/InetPub/Wwwroot. These are the default root directories of various versions of PWS and IIS. Another way is to go to Control Panel and see if you have a Personal Web Server icon. If you are running PWS, I recommend uninstalling it just to be safe. If you are running IIS, a patch is available on Microsoft’s Code Red page . By the way, it is important to note that the Microsoft patch that fixes the vulnerability only prevents future infections. If you are infected, you need to remove the file /inetpub/scripts/root.exe in order to disable the backdoor installed by Code Red.
Finally, system administrators can get a scanning tool to identify vulnerable computers from eEye . And Microsoft has released Personal Security Advisor , which takes a look at your NT or 2000 system and finds common misconfiguration problems.
- Insurer Charges Premium for Using Microsoft: Insurance broker J.S. Wurzler Underwriting Managers has started charging up to 15 percent more in hacker insurance premiums to clients that use Microsoft’s Internet Information Server software. Oddly, they made this decision before Code Red caused an estimated $2 billion in damage. They based their action on Wurzler their finding that system administrators working on open source systems tend to be better trained and stay with their employers longer than those at firms using Windows software. Thus bug patches are more likely to be applied.
Return to Mike’s Take