Network Solutions - Squat for the Win
9 January 2008
Front Running
Let us imagine an imaginary organisation asks a hypothetical stockbroker to buy a large number of shares, this may well cause the stock to rise in value.
So that particular stockbroker knows a piece of information that no other stockbroker knows, that a share is about to rise.
So this stockbroker could buy a smaller number of shares beforehand for himself, then buy his customer's shares (raising the price), after the rise, the stockbroker can sell his own shares making a tidy profit in the process.
This is called front running and they send people to jail for such things because in this case our hypothetical broker has taken advantage of his customer and manipulated the market by unfairly using his insider knowledge.
So unethical and illegal for shares, but allowed for domain names? It seems so. The Internet is after all the wild west, and it has its fair share of cowboys, however it is a bit ridiculous when one of the biggest domain name companies is allowed to get away with front running domain names.
Using dig
The Internet works by every publicly available computer having an IP Addresses. However, the WWW and email and so on do not normally use IP addresses, instead they use domain names are there are DNS servers which translate the domain name to the correct IP address so your computer can talk to the remote machine.
This is of course covered by multiple layers of abstraction. So you type a domain name into your web browser, the browser then talks the DNS resolver in your operating system which then talks to the DNS resolver at your ISP which talks to another one so on. Most of the time, the requests are cached somewhere along the line. But somewhere in that are the DNS servers.
Dig is a tool that allows you to look up a domain in the same way that would happen when you use your web browser, but you can see the results yourself.
So lets start with the domain bbc.co.uk
dig bbc.co.uk +trace
This prints lots of output to the screen, ending with:
So we ended up at one of the BBC's servers. Now lets do it again for the made up domain bbcfish.co.uk
Because the domain does not exist, we have ended up at the server of Nominet, the organisation that controls the UK domain.
The Power Of The Crimp
The Flighty Zeus were the baddies in an episode of the Mighty Boosh. So if we were them, we might want a website for our fans to visit. Lets say we want to look at the following domain name:
theflightyzeus.com
So in our case, we run the following command:
dig theflightyzeus.com +trace
Again this name does not exist either, we end up with a server belonging to VeriSign, who control the .com domain.
Network Solutions' domain squatting
When someone is considering purchasing a domain name, often they will turn to a website offering a 'who-is' service to see if a domain is free or not, and who owns a certain domain.
If the customer buys a domain, then the domain name company ('registrar') turns it on straight away but they have a five day grace period in which to the registration fee to VeriSign for a reserved domain.
Now the accusation is that Network Solutions are spying on the users of its whois service, by recording the searches and then reserving the domain. This doesn't bankrupt them because they can drop the domain before the five- day grace period ends.
This has the result that for those five days, the customer can only buy the domain from Network Solutions, other domain name companies are locked out.
This is akin to the front running because Network Solutions has insider knowledge that a customer is considering buying a domain name, and they reserve it before other companies have a chance to win the customer's business on factors such as price or service.
The customer can only buy the domain from Network Solutions, the only other choice is to chance it and hope that no one else buys the domain and hopefully Network Solutions will eventually release the domain name back into the pool.
Domain squatting is illegal for other people like you and I, but it seems that Network solutions is allowed the first five days squatting for free!
The four-way crimp
So let's test it.
First we type the theflightyzeus.com domain into Network Solutions' Whois service:
And of course, we already know the domain is free, but Network Solutions confirms the fact:
However, by this point, Network Solutions has already put a reserve on the domain name. Let's head over to a different domain name company, say Go Daddy:
If you saw at the large red writing in the middle, you will see that Go Daddy is not able to sell me this domain, they have been locked out by Network Solutions' opportunistic reservation of the domain. If that is not anti- competitive then I do not know what is!
Lets head over to a different company's whois service, and yes the domain is registered by Network Solutions:
Lets see if we can buy the domain from 123-reg.co.uk:
Nope it is taken. If we click on the icon for further details we see the following:
Lastly we can run the dig tool that we used earlier:
dig theflightyzeus.com +trace
Of course, there is no point in taking hostages if you don't leave a demand note, and here it is:
A splash page that any domain name squatter would be proud of.
It seems to work the same every time. The solution is to not use untrusted whois services when you are considering a possible domain.
Before you say, "its okay, I use the whois command on Linux", well guess what service that connects to? Yup you guessed it, the default is whois.networksolutions.com!
Life is easy when you are fat
I remember writing an Economics essay once at school that covered the fact that if you or I cannot pay our debts, then we are thrown out on the street; while a large corporation or utility can have billions of debt and banks and the government (at least the Conservative government of the day) will fall over themselves to keep the company alive for another day. Some debtors are so big that the banks feel can't afford for them to go bust so they are willing to throw good money after bad.
Eventually, there was a new government and for a while, they believed that bailing out firms rewarded bad management, and tried to avoid this, letting big firms go bust and instead spend the money trying to help the newly unemployed workers. However, eventually they bailed out a bank called Northern Rock with 25 billion quid.
If you have to be a debtor, be a huge debtor. It seems the same is true for other things. If you are going to be a domain squatter, be a huge multi- billion dollar organisation with representatives on all the Internet committees and contracts with everyone, you can do whatever you want however bad it looks.
Update: Hilarious Jusification from Network Solutions. With apparently no- self awareness (money will do that to you), they describe their practice as a "security measure to protect our customers", protection as in racket. They are protecting you from other (cheaper) competitors.
1 Davis Freeberg says...
This is unbelievable. Anyway you look at it, it's monopolistic behavior. Someone needs to step and put a stop to this. Their explanation doesn't even make sense. They are trying to protect their customers by publishing a list of domains that they've searched for. It'd be one thing if that one customer had a lock on the domain for five days, but anyone can cherry pick their registration list as long as they buy it from Network Solutions. This isn't stopping front running, it's just directing the business back to them.
Posted at 6:34 a.m. on January 9, 2008
2 sole says...
Ha! Very good analysis, I had heard about this news but I didn't know that the whois command queried whois.networksolutions.com
I tend to use traceroute ... not sure if it's the same thing at the end. Did you check it with a bit of netstat or is there any other way?
Posted at 2:33 p.m. on January 9, 2008
3 AJS says...
I'm not really surprised this is happening. After all, if someone is looking up the availability of a domain name, that might be because they're planning to buy it.
That doesn't mean for one second that I don't think there should be a law against it, though!
There is no way that this can be described as anything but anti-competitive behaviour.
Posted at 10:05 p.m. on January 9, 2008
4 Cor says...
Well nothing new on the fact that big companies/countries can apparently get away with anything they like, but the fact that it also hits the Domain/Internet registration service is a bit frustrating to say the least. They deserve a good old fashioned black hat crack, bastards!
Unbelievable, really! The BBC or CNN should actually broadcast your article! Way better news than the crap they broadcast right now!!!
I really enjoy reading your blog! Keep it up!
Posted at 11:45 p.m. on January 9, 2008
5 Matthew Keefe says...
I can't believe this isn't already illegal.. sickness ftw
Posted at 2:31 a.m. on January 10, 2008
6 Kevin Fox says...
I could understand Network Solutions' rationale that they're placing a temporary hold to make sure that their user can get the domain they just checked on, but putting up a 'register this domain now' temporary page at the domain's web address blows a hole in that theory.
It's no longer 'we're holding the domain for you' but rather 'We're holding the domain for you... or anyone else who will pay us.'
I always suspected Network Solutions was shady enough to do this. It's sick to see that I was right.
Posted at 2:40 a.m. on January 10, 2008
7 Nathan Smith says...
Out of curiosity, I checked on the domain name Networksolutions-Sucks.com. Lo and behold, it is registered (and under construction, even) by Network Solutions. Priceless...
http://flickr.com/photos/nathansmith/2182311740/
Posted at 3:07 a.m. on January 10, 2008
8 Jeremy Pinnix says...
They also put a lock on a domain for 45 days when you modify any contact information for a domain. Recently I was trying to transfer a domain for a client whose email was no longer valid. We had to change the contact information. Once again, this was to "protect" the NS users. Very unethical tactics on both counts.
Posted at 3:45 a.m. on January 10, 2008
9 Ryan Gray says...
I just tried to make them reserve networksolutions-are-losers.com, and noticed that it indicated networksolutions-are-losers.co.uk was taken. Good job! However, Godaddy still shows networksolutions-are-losers.com as available. Hmm, are they not doing it any more?
Posted at 3:48 a.m. on January 10, 2008
10 Alvin says...
Excellent investigation. Thanks for revealing their shady ways, I shall never go to Network Solutions.
Posted at 5:44 a.m. on January 10, 2008
11 mr-o says...
Funny how they also seem to be squatting on "networksultionsarethievingc*nts.com" (without censorship of course). I wonder how THAT could have happened? ;)
Posted at 8:29 a.m. on January 10, 2008
12 Hutch says...
Thanks for exposing these theiving b@rstewards - this needs to be publicised to the point that the company reverses this policy (and any others that might do it).
P.S. I failed "The Human Test" anti-spam device first time around - does that mean I'm an alien? And me a member of Mensa as well.
Posted at 10:58 a.m. on January 10, 2008
13 Remy says...
Thinking out loud:
Is there any reason why someone couldn't write a script than ran through a dictionary (either of real words, or something a little smarter) every five days running whois on Network Solutions web site (without it being a DNS)?
Obviously the first effect is domain availability will go down the toilet because NS solutions will have reserved them all. However, the knock on effect would be (I hope) all the other domain registras get pissed at NS and kick their arse because no one can register domains with the other guys anymore.
It's obviously a daft idea, but it's really getting out of hand how many domains are just being squatted on.
Posted at 11:32 a.m. on January 10, 2008
14 Bryan says...
Thanks for writing about this. For years this has pissed me off, and I've always told my clients to just type the domain name they want into browser's url bar. If it doesn't connect, then its probably available.
I'll be continuing my boycott of Network Solutions.
Posted at 3:18 p.m. on January 10, 2008
15 cabane says...
I've just tried with a few unregistered domains, and each time the domain is still available from GoDaddy or Whois.Net...
Posted at 4:33 p.m. on January 10, 2008
16 Zeth says...
Hi all, thanks for the comments,
@cabane
It appears that Network Solutions has noticed to bad PR and is now making it up as they go along, trying to see what they can still get away with:
Network Solutions will register domains only when people search for domains from the company's home page. No longer will it do so when people use the company's Whois search page, Wade said.
A slight improvement, but I still they are gaming the system. Either a customer has bought the domain or they haven't. Taking a 5-day monopoly on potential registrations is still anti-competitive.
Posted at 4:51 p.m. on January 10, 2008
17 diskgrinder says...
just tried
networksolutionsaremonopolisticfrigtards.com
seems they didn't squat this one. D'you think you've shamed them into stopping this?
Posted at 7:17 p.m. on January 10, 2008
18 Bill'O says...
It looks like they've stopped. For now. Let's hope they still get smacked with a lawsuit.
Posted at 8:27 p.m. on January 10, 2008
19 Hood says...
I could be wrong, but I THINK this is standard practice when you lookup the availability of a name with any high-end registrar. Basically they're treating your search as the beginning of the reserve process. It's still tacky because the odds of two people trying to reserve the same name at the same time is insanely slim, but apparently it's enough for them to say "if our form says the domain is available at the beginning of the purchase process, we have to do something to make sure it's still available by the time you finish filling out the form."
To test this, perhaps do the same test outlined above with another large registrar that would be able to take advantage of that '5-day grace period' to see if they do the same thing.
It's tacky, i agree, but I'd be surprised if they were the only one taking advantage of the 5-day grace period.
Posted at 9:26 p.m. on January 10, 2008
20 mark says...
hasn't stopped. just tried with fuckingbastardswebsquatting.com
Posted at 12:52 p.m. on January 11, 2008
21 Brian says...
Someone I am working with just got screwed by this exact thing and I discovered what was going on for him. The problem with Network Solutions doing this is you could also go and screw over a competitor and let netsol do the squatting for you.
Posted at 6:15 p.m. on January 11, 2008
22 Justin says...
I have a feeling that if I took someon hostage and claimed I did it to protect them from someone else I would still be locked up.
Posted at 1:19 a.m. on January 12, 2008
23 Quantum says...
Thanks for such an informative post.
A quick read of the man page and it appears you can list alternative whois servers in /etc/whois.conf. I will certainly be adding alternatives to networksolutions.
Posted at 4:03 p.m. on January 12, 2008
24 Tom says...
@Hood I think you are wrong. I typically register through GoDaddy and will sometimes search across a few different registrars. I've never encountered this kind of squatting before.
Posted at 8:39 p.m. on January 12, 2008
25 Simon says...
That is amazing! How can they get away with that?
Posted at 6:48 p.m. on January 18, 2008
26 mindleak says...
So who wants to write a tool to submit thousands of random word domain searches to Network Solutions every second?
Posted at 5:38 a.m. on January 22, 2008
27 Nick Kotarski says...
Absolutely outrageous behaviour.
Another annoyance is the apparent renewal letters from Domain Registry of America, Domain Registry of Europe, EU Registry Services. They look loike renewal notices but are in fact offers to transfer the domain to another registrar. They are significantly more expensive than most registrars and probably have nasty terms and conditions to boot.
Nick
Posted at 10:57 p.m. on January 27, 2008
28 santos says...
could someone list whois servers that don't rely on netsol's?
are those "clean" whois services:
http://www.bustaname.com/ http://instantdomainsearch.com/ http://www.namecheap.com/ http://whois.domaintools.com/
I found another solution: The geektools whois client. in `http://www.tiawood.com/did-you-know-/domains/the-truth-about-whois-search- and-domain-inquiry-s-2.html`_
It might just not work on the go from your phone, nor at work or at the cybercafée where you cannot install apps. In which case we'll stick to the command line...
Posted at 6:34 a.m. on February 15, 2008
29 Dan says...
I was just with a new client who checked a domain name with network solutions. Now we cannot register the domain for them and using the registrar that we use to manage all of our domain names and web servers. Seems we have no choice but to register with NS at the higher price and also use there service to manage the domain. We quit using their services years ago because it was so over-complicated and over-priced. I'm pissed to be forced back to NS, because I cannot risk losing the domain name for my client.
Posted at 8:49 p.m. on February 19, 2008
30 Corey Behnke says...
I was actually looking up domain names yesterday and this happened to me. I checked on a couple sites but after I check on Network Solutions to check the price- it locked out Godaddy from signing me up. It said the name had been taken by Network Solutions. Of course when I went back to Network Solutions- I could easily get the name from them. What really pisses me off is that I found Google Apps $10 a year program with free private registry and when u compare it with Network Solutions 34.99 plus 9 a year private reg is apples and oranges- I mean make a profit but we are talking about a few characters in a string...it's like wtf? Now I only have the option of doing something really dumb by paying a crapload more or forfeiting a good idea for a domain name. I have another domain name on their account but as soon as I can transfer I am. :(
Posted at 4:47 a.m. on March 2, 2008
31 mike says...
I just ran into the same thing. It is truly an unethical practice. I don't have much spare time but I am going to use some of it to try and become a thorn in their side.
Thanks for the article revealing this bunch of hoodlums other wise known as networksolutions.com
Posted at 6:35 a.m. on March 22, 2008