GoFuckYourself.com - Adult Webmaster Forum - View Single Post - ***SLEAZY: Recovering the stolen domain ***

GeorgeK · 01-16-2005, 12:08 AM

Hello,

I've helped others recover stolen domains, and knew contacting Dotster would be a waste in terms of getting things done this weekend -- the key is to reach DirectI.com.

I got in touch with Bhavin Turakhia, whose contact info is:

Bhavin Turakhia
bhavin.t @ directi.com
Tel: +91-9820097557

I got him on MSN Messenger, screen name was the same as the email above. HE WOULD NOT CHANGE THE NAMESERVERS, GRRRRRRRRR.

To cover his butt, he wants Sleazy to FAX him:

http://in.directi.com/contactus/sales/

I would fax the US and Indian offices, but he's in India.

Here's what he said:

Bhavin@Directi says:
* we will check the list and make sure if theree are any fake whois we send a whois abuse notification
* we will inspect the transfer and figure whether it was genuine
* we will get a fax letter from the orignal registrant
* we will undo the transfer if we get all the abv info

Personally, I think the above is a joke, that knowing it's a stolen domain he wouldn't restore it to the prior ns1.national-net.com and ns2.national-net.com nameservers. He knows me from the WLS and SiteFinder debates, too (e.g. www.whois.sc/verisign-dns/ ).

But, hopefully Sleazy will get them to change the nameservers at least, pending the undo of the transfer next week.

Sleazy is losing major traffic. The thief's Extreme tracker wasn't password protected:

http://extremetracking.com/open;unique?login=xyber123

466,000 uniques yesterday.

If you check the Alexa ranking of easy-dater.com, it is very high (and that didn't sway Bhavin either, hmmm).

Using xyber000 found as a tracker on other domains, it became obvious the thief also stole: f3.com, aem.com and other domains too.

I continue to be appalled at the lack of help of registrars in domain thefts (I've helped recover other high profile ones, e.g. yy.com, helped avert n i g g er. com, and others that can't be named for legal reasons). Hopefully folks on this board with significant domains will assist in convincing ICANN that their policies need to be strengthened.

If you want to submit comments about the ridiculously weak Transfers Policy, do so at:

http://www.icann.org/announcements/a...nt-12jan05.htm

Basically, the security flaw is that the system ASSUMES (falsely) that the GAINING registrar does proper authentication of the transfers. That's an assumption that is false, clearly. It needs to go back to a system of double-authentication, where the losing registrar also authenticates the transfer request, before letting it go through. Moniker is one registrar to consider moving to (I keep all my domains at OpenSRS, whose security is great too).

01-16-2005, 12:08 AM
GeorgeK Confirmed User Join Date: Dec 2003 Location: Toronto, Canada Posts: 423	*SLEAZY: Recovering the stolen domain * Hello, I've helped others recover stolen domains, and knew contacting Dotster would be a waste in terms of getting things done this weekend -- the key is to reach DirectI.com. I got in touch with Bhavin Turakhia, whose contact info is: Bhavin Turakhia bhavin.t @ directi.com Tel: +91-9820097557 I got him on MSN Messenger, screen name was the same as the email above. HE WOULD NOT CHANGE THE NAMESERVERS, GRRRRRRRRR. To cover his butt, he wants Sleazy to FAX him: http://in.directi.com/contactus/sales/ I would fax the US and Indian offices, but he's in India. Here's what he said: Bhavin@Directi says: * we will check the list and make sure if theree are any fake whois we send a whois abuse notification * we will inspect the transfer and figure whether it was genuine * we will get a fax letter from the orignal registrant * we will undo the transfer if we get all the abv info Personally, I think the above is a joke, that knowing it's a stolen domain he wouldn't restore it to the prior ns1.national-net.com and ns2.national-net.com nameservers. He knows me from the WLS and SiteFinder debates, too (e.g. www.whois.sc/verisign-dns/ ). But, hopefully Sleazy will get them to change the nameservers at least, pending the undo of the transfer next week. Sleazy is losing major traffic. The thief's Extreme tracker wasn't password protected: http://extremetracking.com/open;unique?login=xyber123 466,000 uniques yesterday. If you check the Alexa ranking of easy-dater.com, it is very high (and that didn't sway Bhavin either, hmmm). Using xyber000 found as a tracker on other domains, it became obvious the thief also stole: f3.com, aem.com and other domains too. I continue to be appalled at the lack of help of registrars in domain thefts (I've helped recover other high profile ones, e.g. yy.com, helped avert n i g g er. com, and others that can't be named for legal reasons). Hopefully folks on this board with significant domains will assist in convincing ICANN that their policies need to be strengthened. If you want to submit comments about the ridiculously weak Transfers Policy, do so at: http://www.icann.org/announcements/a...nt-12jan05.htm Basically, the security flaw is that the system ASSUMES (falsely) that the GAINING registrar does proper authentication of the transfers. That's an assumption that is false, clearly. It needs to go back to a system of double-authentication, where the losing registrar also authenticates the transfer request, before letting it go through. Moniker is one registrar to consider moving to (I keep all my domains at OpenSRS, whose security is great too). __________________ I buy good domain names. Send lists to George (at) LOFFS.com