Showing posts with label domain name. Show all posts
Showing posts with label domain name. Show all posts

Sunday, July 8, 2012

New gTLD Extensions: Get Ready for the Internet on Steroids

The group which essentially governs the Internet, known as the Internet Corporation for Assigned Names and Numbers ("ICANN"), recently released a list of thousands of applications for new generic top-level domains ("gTLD's"). Once approved, these new extensions would add to the already growing list of domain extensions that include popular .COM, .NET and ,ORG, and somewhat less popular .BIZ, .INFO, and .US. The applications include obvious brand protection extensions like .GOOGLE and .TIFFANY, as well as thousands of generic applicants like .SHOP and .STORE. Demand Media alone submitted more than 130 applications, including .AIRFORCE, .ARMY, .NAVY and .NINJA(huh?). The primary problem from a brand protection standpoint is that the Internet domain name system is already glutted with a virtually infinite number of available combinations to promote mischief and erode brand reputation online. To demonstrate the point, here is a list of just some of the applied-for Top Level Domains in the ICANN new gTLD Program 2012:

  • .adult
  • .auto
  • .baby
  • .boats
  • .book
  • .car
  • .cards
  • .cars
  • .diamonds
  • .diet
  • .dog
  • .energy
  • .equipment
  • .events
  • .events
  • .flowers
  • .furniture
  • .garden
  • .gift
  • .glass
  • .gold
  • .grocery
  • .guitars
  • .home
  • .homegoods
  • .homesense
  • .horse
  • .house
  • .jewelry
  • .kids
  • .kitchen
  • .luxe
  • .luxury
  • .mail
  • .media
  • .memorial
  • .mobile
  • .motorcycles
  • .pets
  • .pharmacy
  • .phone
  • .photo
  • .photography
  • .pics
  • .pictures
  • .porn
  • .sex
  • .sexy
  • .solar
  • .tattoo
  • .tickets
  • .tickets
  • .tires
  • .tools
  • .toys
  • .video
  • .watch
  • .wedding
  • .yachts
  • .clothing
  • .beauty
  • .fashion
  • .hair
  • .ink
  • .makeup
  • .salon
  • .shoes
  • .skin
  • .spa
  • .style
  • .tattoo
  • .ads
  • .and
  • .are
  • .auction
  • .bargains
  • .best
  • .bid
  • .black
  • .blackfriday
  • .blue
  • .boo
  • .buy
  • .buzz
  • .center
  • .channel
  • .cheap
  • .christmas
  • .city
  • .click
  • .codes
  • .community
  • .compare
  • .cool
  • .country
  • .coupon
  • .day
  • .deals
  • .direct
  • .directory
  • .discount
  • .dot
  • .duck
  • .ecom
  • .ads
  • .exchange
  • .exposed
  • .express
  • .fail
  • .feedback
  • .foo
  • .forsale
  • .free
  • .frontdoor
  • .glean
  • .global
  • .gripe
  • .guru
  • .hangout
  • .here
  • .home
  • .hot
  • .ing
  • .jot
  • .joy
  • .land
  • .link
  • .loft
  • .lol
  • .market
  • .markets
  • .media
  • .meme
  • .new
  • .next
  • .ninja
  • .now
  • .online
  • .page
  • .parts
  • .pink
  • .place
  • .plus
  • .prod
  • .promo
  • .qpon
  • .red
  • .rocks
  • .sale
  • .save
  • .seek
  • .shop
  • .shopping
  • .silk
  • .site
  • .space
  • .spot
  • .star
  • .store
  • .sucks
  • .support
  • .today
  • .top
  • .town
  • .trading
  • .tube
  • .web
  • .website
  • .world
  • .wow
  • .wtf
  • .xyz
  • .yellowpages
  • .you
  • .zip
  • .zone


Concerned about the implications for online brand protection yet?

Tuesday, July 3, 2012

Forensic Clues Hidden on the Internet


The following explains some of the terms used in Internet forensics, and suggests where relevant clues about a domain name may be hiding:
"IP Address"
Each and every computer on the Internet has a unique address - just like a telephone number or street address - which is a rather long and complicated string of numbers. It is called its "IP address" (IP stands for "Internet Protocol"). IP Addresses are hard to remember, so the Domain Name System makes using the Internet far easier for humans by allowing words in the form of a "domain name" to be used instead of the arcane, numerical IP address. So instead of typing 64.233.161.104, you can just type that IP address' domain name, and you would then be directed to the website that you are seeking connected to that domain name.
It is possible to "geolocate" an IP address by using a variety of free services available on the Internet. Geolocation is the practice of determining the physical, real world location of a person or computer using digital information processed and collected on the Internet.
Geolocation can offer the city, ZIP code or region from which a person is or has connected to the World Wide Web by using their device's IP Address, or that of a nearby wireless access points, such as those offered by coffeeshops or internet cafes.
Determining the country of an Internet user based on his or her IP address is relatively simple and accurate (95%-99% percent) because a country is required information when an IP range is allocated and IP registrars supply that information.
Determining the specific physical location of an IP Address down to a city or ZIP code, however, is a little more difficult and slightly less accurate because there is no official source for the information. Further, users sometimes share IP addresses and Internet service providers often base IP addresses.
Even when not accurate, though, geolocation can place users in a bordering or nearby city, which may be good enough for the investigation.
Internet Corporation for Assigned Names and Numbers (ICANN)
The Internet Corporation for Assigned Names and Numbers (ICANN) is an internationally organized, non-profit corporation that has the ultimate responsibility for Internet Protocol address space allocation, generic (gTLD) and country code (ccTLD) Top Level Domain name system management, and root server system management functions. As a private-public partnership, ICANN is dedicated to preserving the operational stability of the Internet; to promoting healthy and lawful competition; to achieving broad representation of global Internet communities; and to developing policies to foster these goals.
"Registrant"
Registrants are individuals or entities who register unique domain names through Internet Registrars. The Registrant is required to enter a registration contract with his Registrar, which sets forth the terms under which the registration is accepted and will be maintained. The Registrant's data is ultimately recorded in a number of locations: with the Registry, the Registrar, and, if applicable, with his webhosting provider.
"Registrar"
Domain names are registered by individual Registrants through many different companies known as Internet "Registrars." GoDaddy, for example, is a major ICANN-accredited Registrar. There are currently approximately 430 accredited Internet Registrars. A complete listing of accredited Registrars is in the ICANN Accredited Registrar Directory. A Registrar asks individuals, or "Registrants", various contact and technical information that makes up the official registration record. The Registrar maintains detailed records of the Registrant's contact information and submits the information to a central directory known as the "Registry." The Registry provides other computers on the Internet the information necessary to send the Registrant e-mail or to find the Registrant's Website on the Internet.
"Registry"
The Registry is the authoritative, master database of all domain names registered in each Top Level Domain. The Registry operator keeps the master database and also generates the "Zone File" which allows computers to route Internet traffic to and from Top Level Domains (TLD's) anywhere in the world. Internet users don't interact directly with the Registry; users can register names in TLDs by using an ICANN-Accredited Registrar (see above). Two of the largest Registries are Verisign (with authority over.com and.net TLDs, among others), and the Public Interest Registry ("PIR")(with authority over.org TLD's).
Top Level Domain (TLD)
Top Level Domains (TLDs) are the names at the top of the DNS naming hierarchy. They appear in domain names as the string of letters following the last (rightmost) ".", such as "net" in "http://www.example.net". The administrator for a TLD controls what second-level names are recognized in that TLD. The administrators of the "root domain" or "Root Zone" control what TLDs are recognized by the DNS. Generally speaking, two types of TLDs exist: generic TLDs (such as.com,.net,.edu) and country code TLDs (such as.jp,.de, and.cn).
"Whois"Data
All domain name Registries operate a "Whois" server for the purpose of providing information about all the Internet domain names registered with them. In a Shared Registry System, where most information about a domain name is held by separate individual Registrars, the Registry's Whois server provides a referral to the Registrars own Whois server, which provides more complete information about the domain name. The Whois service contains Registrant, administrative, billing and technical contact information provided by Registrars for domain name registrations.
By collecting and analyzing the Whois data, the Registry data, the Registrar data, and other bits and pieces of data about any websites associated with the domain name(s) you are interested in, a forensic investigator can often reconstruct a Registrant's identity, location and other contact information (e-mail, etc.).

Online Counterfeiting Likely to Escalate

Numerous federal lawsuits have been filed by Intellectual Property owners in recent years to attempt to address the intensifying online threat from "rogue websites."
Additionally, the US Department of Justice and US Department of Immigration and Customs Enforcement have seized millions of dollars in assets, as well as shuttered many such websites by utilizing existing criminal laws in the ongoing Operation In Our Sites.

However, while Internet traffic to these sites has been measured and determined to be substantial, little research has been done to empirically survey the existing body of data related to this phenomenon.

A comprehensive empirical survey of over 3,000 Internet websites that federal courts have ordered shut down because of their sale of counterfeit goods has revealed that online counterfeiters can collect immense profits by generating over $10,000 in sales with a $1,000 initial investment.

An analysis of an online counterfeiters' potential profit margin can be summarized in the sample breakdown of typical revenue and costs as follows: The average cost of registering a single Internet domain name: $10-$20 per domain name, annually. The average cost of hosting multiple e-commerce websites on a shared server: $120 to $160, annually. International shipping is either paid for by the customer, or absorbed by seller if it is a nominal cost (less than $10 per item). Credit Card/online payment processing fees: 3-5% of sale price. Wholesale cost of counterfeit goods varies by brand and product category.
For example, a typical counterfeit coat has a $40-$50 wholesale cost, retails for $230-$300 on a rogue website. A typical counterfeit handbag: $40-$50 wholesale cost, retails for $200-$300 on a rogue website. A typical counterfeit bracelet: $10 wholesale cost, retails for $70-$80 on a rogue website. A typical counterfeit watch: $10 wholesale cost, retails for $160 on a rogue website. 


Therefore, starting with a $1,000 investment, if one sets up a hosted e-commerce website ($160) linked to five domain names ($100), and invests the remaining funds ($700) in selling and shipping wholesale counterfeit goods, one could generate: Up to $11,200 by selling 70 counterfeit watches (11.2x the initial investment); Up to $5,600 by selling 70 counterfeit bracelets (5.6x the initial investment); or Up to $4,200 by selling 14 counterfeit coats or handbags (4.2x the initial investment).


This low-risk business model offers a comparable return on investment (ROI) to trafficking in illegal narcotics.  Because of this dramatic ROI, online counterfeiting networks are exponentially spreading on the Internet like an infection. For example, the ROI from a single successful website selling counterfeit products encourages the creation of many more such websites.


Skilled programmers who have access to sophisticated technology and an extensive supply of counterfeit products are creating and operating these sites. To protect their business model, they are employing a variety of creative tactics to frustrate efforts to monitor them and remove them from the marketplace.


For example, they dynamically redirect their websites across multiple servers located in different countries. Significant server bandwidth is dedicated to hosting such sites, with large blocks of server space and IP addresses dedicated to managing the Internet traffic to them. Counterfeiters' websites are creating significant actual consumer confusion. One reason is that prices for counterfeit goods are designed to be credible to suggest genuine, discounted products rather than low quality counterfeits. Goods received are typically shipped directly from locations throughout China and Hong Kong, and


China is the country most often named as the country of the Registrant. However, Registrants do not usually provide legitimate or consistent contact information when registering new domain names, often using gibberish, nonsensical words and false addresses. Further, some Registrants are using the "Privacy Protection" services offered by Registrars to purchase a cloak of further anonymity. Software applications make it easier for infringers to create, register and warehouse thousands of domain names that contain permutations of trademarked brands. These conclusions make it likely that "rogue websites" selling counterfeit goods will likely continue to proliferate, demanding that legal action be taken by brand owners.