Home page logo

nanog logo nanog mailing list archives

Re: GoDaddy.com shuts down entire data center?
From: Martin Hannigan <hannigan () world std com>
Date: Sun, 15 Jan 2006 22:56:00 -0500 (EST)

The way a policy is enforced - how, in what situations etc - is what
matters.  Most if not all ISP AUPs say basically the same mom and
apple pie thing (no net abuse or we'll shut you down)

If what this guy says is right, his domain was taken down just because
one of his servers was broken into and spammed through.    I havent
heard godaddy's side of the story yet - might be better to reserve
judgement till they comment.

Godaddy (from what I can gather) generates a surprising number of these 
shut downs on weekends. The fact that their enforcement and 
reinstatement rules are not publicly available on their website 
(anywhere) and have no guarantees or assurances on time-to-respond 
smacks of something that could get very nasty and seems highly 
reactionary.... Would they suspend comcast.com or mcdonalds.com or 
ge.com if _one_ of their servers or services was hijacked? Highly doubtful.

In the long run, if this is a trend, those big enough will just become 
registrars themselves -- even if its just for their own operations. Its 
a silly thing for a domain registrar to take on enforcement operations 
that network operators aren't. Abusers don't care about domains, or 
domain names. Most abuse (spam aside) can operate perfectly well with 
just an IP address. By the time the DNS system pulls a domain the damage 
has already been done and the potential for high collateral damage is 
significant. Restoration time for good-eggs (say those who fix the 
problem once properly alerted) is several days in the best of cases with 
the bad result of acrimony and huge financial/reputation impact....

The only medium term impact is that Godaddy will lose the bad business 
and some good business and create some more competitors.

The only point I am trying to make is operational WRT the
command structure of a NOC. Several of us here have
built many of the large NOC's in operation of the Internet
today and if you put us all in the same room we'd all agree
that we already know how to build NOC's that respond and get
the job done for the most part. It ain't that hard anymore.


Do people really think waking up Bob Parsons at 0400
is a good idea for a $9.00 domain only account? He 
already got a roughly ~$50.00 response with all the time
he had GoDaddy on the phone and the out supervisor call.

I think if Parkel does, he needs to sign up with VeriSign,
UltraDNS, or anyone else who is running DNS assurance products.

Note: Please refrain from inferring an endorsement for DNS
assurance products. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]