False WHOIS Data Still Bedevils

By Jim Wagner | Dec 8, 2005 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/article.php/3569661/False-WHOIS-Data-Still-Bedevils.htm

The database holding the contact information for registered domain names is still plagued with inaccurate entries, a problem that's the root cause for much of the Web-based trickery on the Internet.

A November report by the U.S. Government Accountability Office (GAO), published Wednesday, shows 5 percent of all domain names ending in .com, .net and .org have "patently false" data in the fields where contact information is stored, such as e-mail addresses, phone numbers, names and mailing addresses.

That's roughly 2.31 million Web addresses where no one knows who the owner of the site is or how to contact them. While many domain name owners might legitimately make an error when filling out their contact information or forget to fill a field, there are any number of people who rely on anonymity to host Web sites that contain viruses, are used in phishing attacks , or used for other illegal activities.

The database holding these entries is accessed through a WHOIS request, which returns the IP address and contact information for the site's owner.

The responsibility for WHOIS entries falls on the registrars who take the money to set up the domain name with the registry operator. In most cases, this is done automatically through a Web site with the owner requesting the domain name they want and providing a credit card number to pay for the costs.

The Federal Trade Commission (FTC) has long been a champion of correct WHOIS entries, which says having the correct information is the difference between nabbing the scam artist responsible for fraudulent activity and letting them go.

While the FTC can get the registrar to shut the Web site down, the investigation effectively ends at the Web site since the trail ends at the bogus information provided in the WHOIS.

The Internet Corporation for Assigned Names and Numbers (ICANN), a sub-contractor the U.S. Department of Commerce (DoC), has been working on the issue with mixed results since its inception. While early efforts have been to send advisory notices to registrars to maintain and constantly update the WHOIS with factual data, it wasn't until a couple years ago that they got serious.

ICANN tracks the number of complaints of bogus WHOIS information through its Data Problem Reports System, which are then sent on to the registrar to investigate. In its latest annual report in of the system in March the organization tracked 31,533 complaints on 16,941 domain names.

Of that number, though, only about 63 percent of those reported were corrected, suspended or are no longer registered.

The GAO report discovered similar results during the course of its research. According to the report, it submitted 45 error reports to ICANN for further investigation -- 33 were not corrected, 11 were updated and the last was pending deletion anyways.

Every year ICANN-accredited registrars are expected to demonstrated their compliance with the WHOIS Data Reminder Policy, which is to send an annual reminder to domain name owners to keep their information up to date.

Article courtesy of internetnews.com