Find Ecommerce Pros to Grow Your Online Business on ALL EC Ecommerce Exchange
Welcome Guest | Sign In
Salesforce Commerce Solution Guide

ICANN Scrutinized in Wake of Panix Attack

By Jennifer LeClaire
Jan 18, 2005 2:00 PM PT

Internet service provider Panix had plenty to panic about over the weekend when its domain name was hijacked by unknown parties. The mystery has since been solved, but the aftermath has some pointing the finger at a new policy the Internet Corporation for Assigned Names and Numbers (ICANN) recently issued to make it easier to transfer domains.

ICANN Scrutinized in Wake of Panix Attack

The hijacking disrupted e-mail, Web access and other connectivity to for thousands of customers when the domain was unknowingly moved to a company in Australia.

Tangled Web Unwoven

It was a tangled web that was unwoven today by domain registrar Melbourne IT in an e-mail message to The North American Network Operator's Group mailing list.

"There was an error in the checking process prior to initiating the transfer, and thus the transfer should never have been initiated," Bruce Tonkin, the chief technology officer of Melbourne IT, said. "The loophole that led to this error has been closed. That reseller is analyzing its logs and cooperating with law enforcement."

Apparently this is not the only domain hijacking since ICANN implemented its Inter-Registrar Transfer Policy last November to streamline domain transfers between registrars. The ICANN message boards reveal a posting by George Kirkikos claiming that, and appear to have been hijacked as well.

The new rules allow transfers to proceed with a customer confirmation by the gaining registrar but without approval from the losing registrar. Some registrars had warned ICANN that the changes would also make it easier to hijack domains.

Revisiting Procedures

Jupiter Research analyst Joe Laszlo told the E-Commerce Times that domain hijacking is not very common, though there have been some high profile cases where well known brand names have let their URLs lapse and had to fight to get them back.

"It seems like it was awfully easy for people who weren't authorized to initiate a domain transfer to do so," Laszlo said. "It's tough to say if it's ICANN's fault, although it does seem like certain procedures need to be strengthened. I would hope this causes ICANN to start revisiting some of its procedures."

ICANN is requesting public comments on experiences with the new policy, which went into effect in November 2004.

Salesforce Commerce Solution Guide
What is the state of the Linux desktop?
It's edging its way into the mainstream.
It's wildly popular -- but only with open source fans.
It's in trouble due to fragmentation.
It never had a shot in a Windows-dominated PC world.
It's too cumbersome for most computer users to bother.
I'm not familiar with the Linux desktop.