NSI Screwups, Stolen Domains, and Accountability

[Brujah]

Ok, I hate that this keeps happening but apparently NSI won't be held accountable for it. I had something around 10 back-orders with SnapNames on old expired names and they've "suddenly" been renewed? WTF?! Grrrr.

About the Stolen Domains.. NSI is really having a problem with this. They have almost no control and have even returned some names mistakenly to the wrong people. A recent call with them even showed one name being renewed for an extra year but no invoice existed, and there was no charge on the renewal. It's possible even that someone's renewing the names that isn't the owner, with the intent of stealing the names. It even appears that there are no consequences for the thief, for NSI, or anyone else involved. As widespread and as valuable as these names are, I'm surprised the media hasn't reported on it and it's been kept so low-profile.

It's possible some of you have even purchased stolen names, like GregR may have done with 83.com ? ( based on the eBay scam revealed earlier ).

I wonder if NSI even knows whats going on. I've heard the inside-job theory. They must not have much of an audit trail about who accesses domain records if this turns out to be the case.

Snapnames might want to lower its price because its record isn't anywhere near as good as it once was, and NSI is letting a thief take the better names.

WLS.. heh.

 

[DomainSage]

My friend, NSI is the theif.

 

[DrWho]

Could this be an example? This expiration date for this domain was missing and then would appear, then disappear and/or change to different dates on an irregular basis. A few weeks ago a “Record expires on 01-Dec-2002” appeared in the whois record.

I put a snap on it and it was renewed 4 days later. Coincidence?


------------------------------------------------------------------------
SnapNames has detected a change in the registration data
for the domain name: xxxxxx.com

We are continually monitoring the following data stores
where registration data is kept:

Root Name Servers: Domain names and their associated IP
addresses are kept here. When you enter an address, such as
www.SnapNames.com, the name servers are responsible for
directing your browser to the appropriate server.

Registries: The registries for the various TLD's (Top Level
Domains such as ".com") are responsible for creating the
"zone files" (master lists of active names) which are sent
to the name servers.

Registrars: The registrars interface with the public to
maintain the detailed registration information and are
responsible for communicating add/edit/delete information
to the registries.

*Note our automated system detects and reports ALL changes
made to the names you're tracking, no matter how small. We
do not filter these reports because what may be considered
insignificant to one customer may matter to another.

In this case, we detected a change(s) at the

Registrar, NETWORK SOLUTIONS, INC.

---------<Change at registrar level>-----------------------

* Note that changes are highlighted in bold red.

Old Values New Values
Registrant:
ZLOCH, THOMAS (xxxx-DOM)
Horstweg 20
BERLIN, 14059
DE

Domain Name: xxxxx.COM

Administrative Contact:
ZLOCH, THOMAS (TZT10) [email protected]
ZLOCH, THOMAS
Horstweg 20
BERLIN
14059
DE
+49 173 933 7246
Technical Contact:
VeriSign, Inc. (HOST-ORG) [email protected]
VeriSign, Inc.
21355 Ridgetop Circle
Dulles, VA 20166
US
1-888-642-9675

Record expires on 01-Dec-2002.
Record created on 01-Dec-1999.


Domain servers in listed order:

NS19.WORLDNIC.COM 216.168.225.149
NS20.WORLDNIC.COM 216.168.225.150 NOTICE AND TERMS OF USE: You are not authorized to access or query our WHOIS
database through the use of high-volume, automated, electronic processes. The
Data in VeriSign's WHOIS database is provided by VeriSign for information
purposes only, and to assist persons in obtaining information about or related
to a domain name registration record. VeriSign does not guarantee its accuracy.
By submitting a WHOIS query, you agree to abide by the following terms of use:
You agree that you may use this Data only for lawful purposes and that under no
circumstances will you use this Data to: (1) allow, enable, or otherwise support
the transmission of mass unsolicited, commercial advertising or solicitations
via e-mail, telephone, or facsimile; or (2) enable high volume, automated,
electronic processes that apply to VeriSign (or its computer systems). The
compilation, repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to use
high-volume, automated, electronic processes to access or query the WHOIS
database. VeriSign reserves the right to terminate your access to the WHOIS
database in its sole discretion, including without limitation, for excessive
querying of the WHOIS database or for failure to otherwise abide by this policy.
VeriSign reserves the right to modify these terms at any time.


Whois Server Version 1.3

Domain names in the .com, .net, and .org domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Domain Name: xxxxxx.COM
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS19.WORLDNIC.COM
Name Server: NS20.WORLDNIC.COM





The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and
Registrars.

Domain not found locally, but Registry points back to local DB.
Local WHOIS DB must be out of date.

 

[tonyk2000]

I guess NSI system would allow everybody to renew any nsi-regged domain (unless it was regged via reseller). Just go to domain renewal at their website and try...
So some people may steal e-mail address, renew corresponding expired domain and transfer the name away. Later, they may even "clean" creation dates by deleting transferred name and re-registering it immediately. some registrars allow instant deletions.

Not sure about now, but some time ago old domains did not have any online login/passwords with nsi, just e-mail authorization!

 

[tonyk2000]

By the way, I have also noticed some grandfathered expired NSI domains have been renewed within last 24 hours!!!!!!!!!
owners remained the same!

 

[mole]

Originally posted by tonyk2000
Not sure about now, but some time ago old domains did not have any online login/passwords with nsi, just e-mail authorization!

Netsol's database dates back to the time the internet was just something you read in sci-fi books Naturally, those old but good .com names can suffer system migration problems and allow for loophole exploitations.

The new registries like Neulevel and Afilias have obviously leapfrogged those security shenanigans when they implemented their new management systems, what with transfer authorization codes and all that.

I'd get .info and .biz if I am paranoid about security

 

[Kid Kool]

Originally posted by mole


I'd get .info and .biz if I am paranoid about security

yeah i mean after all, who would want to steal some cheesy .biz domain

sorry mole, couldn't resist

 

[mole]

Yeah, I know what you mean kid. Hopefully, .biz will continue to sound cheesy to crooks in the years to come

 

[cluelessdomainer]

other people here say John Biondo is the domain stealer. He stole news.net too.

 

[DomainGoon]

Originally posted by tonyk2000
By the way, I have also noticed some grandfathered expired NSI domains have been renewed within last 24 hours!!!!!!!!!
owners remained the same!

Hundreds of names owned by the same person, and most people know who he is, were renewed in the last 24 hours. That was a special case because the U.S. courts tied up his names for a long time. It was a very unique situation.

 

[888]

Originally posted by tonyk2000
By the way, I have also noticed some grandfathered expired NSI domains have been renewed within last 24 hours!!!!!!!!!
owners remained the same!

I noticed the same thing too. Like ucn.com with expiry Aug 2001 is renewed, and many others too :sad:

It could be something fishy like others said, or it could be one or several domainers contacting each and every owner of good expired names?

 

[fizz]

Seek and ye shall find.

 

[888]

Originally posted by fizz
Seek and ye shall find.

Hi fizz, you meant you emailed a bunch of expired domain owners? :dead: If so, how many of them?

What kinds of names your interested in? I'll avoid snapping those!!