This is the first I've heard of Fast Flux, but just read the articles Allen attached.  Very interesting.

It seems like what we're talking about over and over are servers located in overseas locations that are constantly providing scams (phishing, farming, etc.).  They'll do this because they know they can get away with it.  In one of the articles I noticed a constant reference to a co.hk extension, and another article mentioned China.  We all know of scams originating from Africa and Europe and Russia.  I wouldn't suggest that it doesn't happen in the US, but I think ISPs in the US are much more eager to shut them down.  But, what if the scammers are the ISP?  I truly believe that 90% of all our problems are due to the mafia-style collusion between the crooks and ISPs in countries like China, the Balkans, and Central Africa.  I also think that it would be easy as cake to identify the culprits, should we actually take it seriously.

At some point, I think there needs to be an ICANN-level task force that can go in an repatriate IP#s that are causing serious problems, working through the ccTLD managers and numbering authorities.  Some type of enforcement is inevitable and logical.

In reality, there's not much we can do except make it more difficult for people to operate that are up to no good.  Giving unlimited access to WHOIS data and letting the traditional legal process play out is obviously not the antidote.  Similarly, having faith that Yahoo's spam filter will save the day is preposterous.

I've been against the tasting issue from the beginning just because it doesn't make sense, but I'm not sure that it's the cause of the problem.  I'm fairly sure it's a contributor to the problem but not the cause.  Remember though, as we issue more TLDs and make it easier for these guys to operate by having the Add-Grace Period, the problem will continually get worse until the Internet is irreversibly destabilized.

Randy Glass
A@L


On 8/10/07, Robert Guerra <lists@privaterra.info> wrote:
There's an interesting discussion taking place on the SSAC list in
regards to the fast flux issue.

Here's a recent comment from the SSAC list -


Domain tasting is an optimisation of the domain name
monetisation business model, where a registrant earns money from PPC ads
placed on a parked webpage.   For monetisation you don't actually want
to change the DNS information often.

Fast Flux is more associated with using a domain name for an email
address or URL that has been used in SPAM email.
Due to the millions of emails that are floating around there is value in
ensuring that the domain name used is not shut-down prematurely.   Thus
those involved will try to make the WHOIS and other more visible
information as legitimate looking as possible (stopping the registrar
shutting down the domain), but bounce the hosting of the email or
website amongst various locations to avoid a hosting company or ISP
shutting down the service at the source - or blocking the offending IP
address at the entry point to a service providers network.

Any comments?


regards,

Robert
---
Robert Guerra <rguerra@privaterra.ca>
Managing Director, Privaterra
Tel +1 416 893 0377




_______________________________________________
ALAC mailing list
ALAC@atlarge-lists.icann.org
http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org

At-Large Official Site: http://www.alac.icann.org
ALAC Independent: http://www.icannalac.org



--
-------------------------
AmericaAtLarge.org
RJPacific.com
DDMF.org