MagicalTux in Japan

Geekness brought me to Japan!

Posts Tagged whois

Registrars and authcodes

Mar 11

Posted by MagicalTux in Geek Attitude | No Comments

Many registrars out there have found different ways to implement Verisign’s requirement of harder-to-guess authcodes for domains by asking to have at least one symbol character (non letter, non number) in the authcode.

This had different effect on different registrars. For example french registrar OVH have implemented it a bit too well, resulting in authcodes like “d*zuW.;2t/!>pHbU”, while others have decided that it wasn’t their problem, and just added a prefix to their authcodes. This is the case for example of GoDaddy, whose authcodes are limited in randomness. An authcode will look like: “S1-AF94C9510BA1C”. Yeah right, “S1-” followed by an uppercase hexadecimal string. I’m pretty sure Verisign wasn’t expecting this when they published the new requirement.

Anyway conditions to steal a domain are pretty much complex (you need to have it unlocked, need to know the authcode, and once transfer is started, the current registrant must not ask his registrar to cancel the transfer for 5 days, and even after the domain is transferred, there are ways to get it back – it’s just more expensive). Stealing a domain is a complex operation which will most likely be followed by legal repercussions.

Best thing to do is to check from times to times in a whois that your domain is really showing your name and address. If not, you might need to do something about it before it’s too late. You might want to consider transferring your domain to a company which cares about you ;) (we’ll even fight your old provider if troubles arise, they can refuse transfer only in some specified cases, as long as you are owner of your domain).

Tags: , , , , , ,

Simple web-whois service

Feb 20

Posted by MagicalTux in Geek Attitude | No Comments

I decided to quickly create a really simple whois service.

http://whois.nf/

The url is simple, there are tons of similar services, but this one should prove to be fast to load and light on any device, thanks to its pre-1980′s design.

PS: If you are a web designer and can do HTML/CSS/JS, contact me, I might have some work for you.

Tags: ,

Microsoft.com: no whois server was harmed!

Aug 14

Posted by MagicalTux in Geek Attitude, Hacking | 9 Comments

Some French people are reporting without understanding what it is all about something almost as old as ICANN is: when you do a whois lookup on microsoft.com (for example) you get tons of unexpected replies… Reporting without knowledge (and without digging at least a bit about this) is like asking for a geek to slap his blog in your face.
This article will be a bit blunt, but that’s for your own good (next time try to at least search a bit on google/etc before saying whois servers were hacked).

Typical whois reply will look like:

   Server Name: MICROSOFT.COM.ZZZZZZ.MORE.DETAILS.AT.WWW.BEYONDWHOIS.COM
   Server Name: MICROSOFT.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
   Server Name: MICROSOFT.COM.ZZZZZ.DOWNLOAD.MOVIE.ONLINE.ZML2.COM
   Server Name: MICROSOFT.COM.ZZZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
   Server Name: MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET
   Server Name: MICROSOFT.COM.WILL.LIVE.FOREVER.BECOUSE.UNIXSUCKS.COM
   Server Name: MICROSOFT.COM.WILL.BE.SLAPPED.IN.THE.FACE.BY.MY.BLUE.VEINED.SPANNER.NET

Of course it might looks like the whois server was hacked, that’s what people with bad knowledge of internet would think (hint: almost everything is explained in RFCs). Read the rest of this entry »

Tags: , ,