01-15-2006, 02:40 AM
|
|
View Beta Profile
Web, Graphic & Print Designer
|
|
Join Date: Jul 2005
Location: Buffalo, NY
Posts: 2,540
|
|
Very true, but the owner of Nectartech did give Marc the permission to do so.
__________________
STEVE GARBUS | stevegarbus.com | me@stevegarbus.com
Professional full-time web, graphic & print designer with over 6 years experience
Contact me today for your custom quote & an exciting, all new web 2.0 look for your business!
|
01-15-2006, 02:57 AM
|
|
View Beta Profile
I am a newbie :D
|
|
Join Date: Jun 2004
Location: Internet
Posts: 1,678
|
|
|
01-15-2006, 03:33 AM
|
|
|
Don't forget to renew: Expires 26-feb-2006 
|
01-15-2006, 03:44 AM
|
|
|
Quote:
|
Originally Posted by macdonaldp
Why is it so hard to understand that the employees in the abuse department are the only ones who can turn the domain back on?
|
Because people have different expectations.
Quote:
|
Originally Posted by kevhosting
I don't think they should even have the power to shut down a site because of phishing, spam or anything.
|
You know, I once started a thread asking if a registrar should butt in on alleged
spam complaints. Most if not all agreed no.
However, one price registrars like Go Daddy pay is they get many complaints for
domain names used for illicit purposes, especially if these were registered using
stolen credit card info. What's worse is these domain names don't use their DNS
at all.
One can only imagine the headaches in dealing with complaints like that, especially
if they're mounting with no signs of slowing down.
|
01-15-2006, 04:09 AM
|
|
View Beta Profile
Community Guide
|
|
Join Date: Nov 2005
Location: Minneapolis, MN
Posts: 1,289
|
|
Quote:
|
Originally Posted by davezan
You know, I once started a thread asking if a registrar should butt in on alleged
spam complaints. Most if not all agreed no.
|
That's because the registrars are completely incapable of taking any actions that would actually stop or deter spam. Even in the case of phishing, most of the e-mail that I get contains links to numerical IP addresses so DNS isn't a factor.
Pulling the root name server entries for a domain only stops traffic destined for the domain, not eminating from it. At that level they can just make the MX records disappear so that domain can no longer receive mail. Actually, pulling the records would probably help the spammer because there would be less competing traffic and they would have more resources available to them.
GoDaddy is trying to assume the enforcement role of the upstream bandwidth provider and doing a rather poor job at it.
Eric
|
01-15-2006, 11:02 AM
|
|
|
I have read everything in this thread, and I must say I am surprised that there are still people here who think that Godaddy did nothing wrong.
Let's recap...:
Marc's friend's company, Nectartech, is a hosting company which (from memory) hosts about 1500 domains. The DNS for these domains is hosted on two name servers under the nectartech.com domain, ns1 and ns2.nectartech.com
A server under Nectartech's control gets compromised and is briefly used to run a phishing script. Nectartech are informed of this and take immediate action to fix the situation.
TWO DAYS LATER (i.e. long after the situation has been fixed) Godaddy get wind of the fact that there was a security breach two days previously, and decide to deactivate nectartech.com - which means that ns1. and ns2.nectartech.com are now dead and 1500 customers' domains cease to work.
This is a bit like bombing a whole apartment block because you saw a criminal walking into the building two days ago... without checking whether or not the criminal is still there!
Moreover, they then flatly refuse to reactivate the domain, stating that the relevant department won't be back at work until after the week-end. Someone said that one has to accept that companies have to follow "proper procecures", but if those proper procedures prevent a company from reconnecting a customer for three days then those procedures are clearly inadequate. Even if the relevant department does not normally work at week-ends there should be a call-out system in place for cases like this one.
And as for comments like:
Quote:
|
Also, I find it strange that a datacenter would buy from a domain site instead of buying either a Enom reseller account or directly from ICANN
|
... I take it that the person who posted this is a newbie not just to this forum but also to the domain name industry?
"Register direct with ICANN???" ICANN does not register domains. ICANN accredits registrars. There are plenty of threads here which explain the procedure and it should be obvious from these threads that getting accredited as a registrar is not a viable option for a small or medium-sized hosting company. And as for using Enom rather than Godaddy... Enom is a registrar, Godaddy is a registrar. Choosing one registrar over another is entirely a matter of personal choice; there is nothing strange about a hosting company choosing Godaddy rather than Enom (it's just like picking one make of car over another!)
I think Godaddy were entirely in the wrong here... though the one piece of advice I would give Nectartech (in order to make themselves less vulnerable) is that they register an additional domain and get it hosted on a different network and offer their customers one name server under each domain... so that if one domain goes down for whatever reason their customers' domains will continue to work. I can see that ns1 and ns2 are on the same network which is not exactly the most reliable set-up....
|
01-15-2006, 12:16 PM
|
|
|
The Nectartech datacenter and their technical management are completely at fault here, NOT Godaddy.com. Any company that takes money from customers for hosting and has such a huge a single point of failure that depends on a 3rd party outsourced 2nd rate hosting company isnt very forward thinking. GoDaddy is good for personal pages and blogs NOT serious commerce or Professional level hosting.
I'd be more concerned about the bad press for Nectartech than for GoDaddy, GoDaddy took a pretty standard approach to an issue, if that wasnt taken into consideration by Nectartech, shame on them.
|
01-15-2006, 12:20 PM
|
|
View Beta Profile
Aspiring Evangelist
|
|
Join Date: Jun 2001
Location: Gilroy CA.
Posts: 412
|
|
Quote:
|
Originally Posted by dvoor8
The Nectartech datacenter and their technical management are completely at fault here, NOT Godaddy.com. Any company that takes money from customers for hosting and has such a huge a single point of failure that depends on a 3rd party outsourced 2nd rate hosting company isnt very forward thinking. GoDaddy is good for personal pages and blogs NOT serious commerce or Professional level hosting.
I'd be more concerned about the bad press for Nectartech than for GoDaddy, GoDaddy took a pretty standard approach to an issue, if that wasnt taken into consideration by Nectartech, shame on them.
|
So - you're saying that Nectartech is at fault and not GoDaddy because Nectartech was stupid enough to register with GoDaddy? Thats rather twisted logic.
__________________
Marc Perkel
/root
http://www.junkemailfilter.com
marc@perkel.com
|
01-15-2006, 12:24 PM
|
|
View Beta Profile
Web Hosting Guru
|
|
Join Date: Mar 2003
Location: tail -f /var/log/nerd
Posts: 318
|
|
This is seriously nuts... 
Come Tuesday we are looking for options to move over 9K domains away from our godaddy reseller account we have.
I am done with these guys, I can not believe they would pull the plug days after the fact. I have Mr. Parsons personal email address (I been a domain reseller for way to many years, fisrt 100 resellers, when he used to communicate personally with people) and will be discussing with him why this happened in the first place, and WHY I should even consider staying. Why not suspend the domain that is phishing mail was coming from? Why suspend the name servers? Cripes!
Enom here I come!
Since we know Nectartech well I can vouch for their ability to respond to an abuse issue quickly and efficiently. They would never let phishing, spam etc etc run wild on their network, they are simply better then that. Period.
If I get a chance to personally speak to Sean Parsons (CEO Godaddy) I will record the call and post it up as well.
Best,
Clint
__________________
Mega Hosters Inc. - The Last Host You Will Ever Need!
Hsphere Control Panel, 24/7 Phone Support, EasyApp, Shared SSL, Daily Backups, Dedicated IPs, PHP4 & PHP5, FFMPEG, Legal Adult Content Allowed + More!
Treating A Customer The Way They Should Be Treated For Over 5.5 Years Now!
|
01-15-2006, 12:30 PM
|
|
View Beta Profile
Aspiring Evangelist
|
|
Join Date: Jun 2001
Location: Gilroy CA.
Posts: 412
|
|
It's not like it's even the customers fault. The customer of Nectartech wasn't at fault either. The customer was hacked. How can someone be in the dedicated hosting business if the data center gets shut down if a customer gets hacked into?
__________________
Marc Perkel
/root
http://www.junkemailfilter.com
marc@perkel.com
|
01-15-2006, 12:43 PM
|
|
View Beta Profile
iNET Community Coordinator
|
|
Join Date: Jun 2001
Location: WebHostingTalk
Posts: 28,695
|
|
Quote:
|
Originally Posted by MegaHosters
. . . Why not suspend the domain that is phishing mail was coming from? . . .
|
I think we read earlier that it wasn't registered with godaddy. Not that I'm too lazy to go back and look; but I am. 
__________________
Together, we can make a difference. Hosting For Haiti - 100% of donations go to the American Red Cross Haiti Relief and Development Fund.
|
01-15-2006, 12:46 PM
|
|
|
Wow, another horror story courtesy of GoDaddy. I'm amazed that people still use them.
|
01-15-2006, 12:50 PM
|
|
|
Quote:
|
Originally Posted by mperkel
So - you're saying that Nectartech is at fault and not GoDaddy because Nectartech was stupid enough to register with GoDaddy? Thats rather twisted logic.
|
This Dvoor8 guy posted on DSLReports too. I don't think he knows what a datacenter is. He thinks Nectartech is hosting with Godaddy or something.
|
01-15-2006, 01:02 PM
|
|
|
Quote:
|
Originally Posted by dvoor8
The Nectartech datacenter and their technical management are completely at fault here, NOT Godaddy.com. Any company that takes money from customers for hosting and has such a huge a single point of failure that depends on a 3rd party outsourced 2nd rate hosting company isnt very forward thinking. GoDaddy is good for personal pages and blogs NOT serious commerce or Professional level hosting.
I'd be more concerned about the bad press for Nectartech than for GoDaddy, GoDaddy took a pretty standard approach to an issue, if that wasnt taken into consideration by Nectartech, shame on them.
|
So, how does the fact that they don't have a redundant DNS server make them liable? It was still godaddy that took them down. And, even if they had a secondary DNS entry, that was valid and hosted from a different DNS company, godaddy CHANGED THE DNS RECORDS. They changed them to 'NS1.SUSPENDED-FOR.SPAM-AND-ABUSE.COM'. Your arguments about redundancy aren't very valid. They also didn't take down the domain at fault - instead, they took down the NS domain. So, if I am at a shooting range and miss the target and hit a window, the person with the window is responsible, since they should have had a guard over it, or a redundant window that could be immediately pulled down?
|
01-15-2006, 02:02 PM
|
|
|
Quote:
|
Originally Posted by AlexV
Wow, another horror story courtesy of GoDaddy. I'm amazed that people still use them.
|
lets see them talk about this when they advertise on the super bowl
__________________
Domain Maven
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
