The effort to implement a system to support the proposed seven new top-level domain names (TLDs) suffered a setback over the weekend when thieves broke into the ISP hosting the machines that house the front-end machine that acted as the firewall, and the database server housing all the names that were being registered as part […]
The effort to implement a system to support the proposed seven new top-level domain names (TLDs) suffered a setback over the weekend when thieves broke into the ISP hosting the machines that house the front-end machine that acted as the firewall, and the database server housing all the names that were being registered as part of a testing procedure. The Council of Registrars (CORE) hired Emergent Corp last October to produce a system whereby CORE’s 88 members could register domain names in ant of the seven proposed new top-levels without fear of conflicting names. However, since the publication of the government’s green paper on domain name management at the end of last month, which recommended a total of just five new TLDs in the immediate future, it is highly uncertain how many the CORE members will be responsible for registering. The Shared Registry System (SRS), as it’s known, was down for a total of 29 hours until short-term replacement machines were brought in late Monday night, San Francisco time. The machines were housed at Best Internet in San Francisco, an ISP, and apparently no other machines either in the cage housing the SRS or any other cages housed at Best Internet were touched. The primary DNS server and whois machines (for looking up names) are housed elsewhere in the US and the secondary DNS servers are in Australia, Canada, Europe and the US. The police and FBI have been informed about what appears to have been a inside job. From what we hear, thieves waited until a shift ended at 3:45pm local time and struck immediately afterwards. Normally a replacement would have been there, but she was ill, and didn’t learn about the break-in until about 6pm, via remote login attempts that failed. The back-end database contained an old copy of the SRS source code, which was written by Emergent, although more up to date versions had already been distributed to two other locations that are secure. Apparently CORE had hired a company to do a security audit of the Best Internet site, but had not completed its report, having finished the inspection nine days earlier. The executive committee of CORE has decided to replace the machines with similar models, despite one committee member – a former insurance assessor – insisting CORE bought cheaper machines this time, especially in light of uncertainties over its business plan, but he was out-voted. Approximately 40 of the 88 registrars are involved in the test at the moment, with about one a day being added. Apparently the green paper’s appearance slowed the take up of the SRS.