Domain deletion called forgery
Thomas Leavitt of WebCom knows what it's like to wake up and find you've virtually disappeared. Now he wants to help others avoid the same fate.
Yesterday morning, Leavitt, vice president and cofounder of Internet hosting service WebCom, discovered that the company's domain had been canceled.
"One of our customers was having problems sending email to us," he said. The customer called the 24-hour notification line and got Leavitt out of bed. That was 7 a.m. PT.
After some checking, Leavitt determined that the InterNIC had deleted WebCom's domain name. "We immediately contacted the InterNIC and said, 'What in the world is going on here?' We did not submit any updates."
Leavitt said the person on the other end of the phone told him that the InterNIC had received an email followed up by a fax on WebCom letterhead, ordering the cancellation.
"Someone submitted a domain name deletion template to the InterNIC from AOL," he said. "That was followed up by a fax on 'our letterhead signed by the CEO and myself' authorizing the deletion." So the InterNIC made the cancellation.
The alleged letter and fax were forged, according to Leavitt. No one at the company ever contacted the InterNIC, let alone ordered a cancellation, he added. "The InterNIC went ahead without making any effort of contacting us and canceled us."
David Graves, Internet business manager for the InterNIC, said that the registrar is investigating the incident. "We're aware there was a problem with their domain name. But whether it was predicated by a fax, we don't know yet. Until we have an opportunity to understand what happened, we're unable to provide any explanation."
Graves added that the InterNIC has a multilayered security system in place for changes such as cancellations.
But as far as Leavitt is concerned, there was virtually no checking to make sure that the cancellation was legitimate and not the work of a prankster or disgruntled customer.
"Anyone's vulnerable to waking up in the morning and having their domain gone without any notice. It was quite annoying, to say the very least. I was very upset."
Had it not been for the savvy customer, WebCom might have suffered a major outage, Leavitt added. As it was, the outage was not widespread and did not have a major impact. He added that WebCom, because of its size, also was able to put pressure on InterNIC, persuading the company to turn its site back on right way. Its domain name was restored by 2:30 p.m. PT.
But had it been a smaller firm, Leavitt worries that it might have been stuck. "It raises significant questions about the InterNIC's ability to handle these things in a secure fashion. We have enough leverage to demand the InterNIC fix it right away. Initially, they were telling us it would take 24 hours. But a smaller company might not be able to force them to acknowledge their mistake and address it immediately.
"Only a few customers were affected by this. We were just extremely inconvenienced. Had we not been alerted to the situation and taken immediate action, the effect would have been much worse."