Dutch Anti-DDoS Coalition: lessons learned and the way forward
Increasing the Netherlands’ DDoS resilience together, part III of III
Authors: Cristian Hesselman (SIDN and University of Twente), Remco Poortinga-van Wijnen (SURF), Gerald Schaapman (NBIP) and Remco Ruiter (Dutch Payments Association)
In parts I and II of this blog series, we introduced the concept of the Dutch Anti-DDoS Coalition and described the status of one of its pillars, the DDoS clearing house. Today, we’ll discuss the lessons we’ve learned and how we see the way forward. This will be the last blog in the current series, but we expect to get back to you all soon with news on the DDoS clearing house pilot.
Note: we’re using two types of reference in this blog series: hyperlinks refer to more high-level background information, while numbers between straight brackets ([]) link to in-depth technical material such as academic papers.
The DDoS clearing house is a key project for the Dutch Anti-DDoS Coalition. Although the system is not in operation yet, we’ve already learned a lot from our work. Those lessons are summarised below and we’ll flesh them out further as part of the DDoS clearing house “cookbook” that SIDN, SURF and the UT will be developing in the CONCORDIA project.
We learned that from the feedback we received on our talks (e.g. at the One Conference and the CONCORDIA Open Door Event). That is also illustrated by the partners’ investments in the initiative. For example, all partners have assigned substantial personnel capacity (both technical and legal) and NCSC-NL, NBIP, SURF and the Dutch Payments Association have jointly funded a systems architect to further flesh out the overall architecture illustrated in Figure 3.
For example, the members of the Dutch Anti-DDoS Coalition spotted the opportunity to collaboratively simulate network and application-level DDoS attacks and practise responding to them. Such activities fit naturally with the clearing house because of its cross-organisational nature and because it helps to increase the Netherlands’ DDoS resilience. The partners carried out a practice drill in October of 2019, which involved launching previously approved DDoS attacks on each other’s infrastructures to learn how their systems and teams would respond.
We identified this early on because we had to develop and maintain various work products such as a website, iterations of the clearing house’s data sharing agreement, procedures and waiver agreements for DDoS exercises, and the rules of engagement for coalition members (e.g. membership rules). That’s why we organised the coalition into several working groups, such as a technical working group to develop the clearing house software. A legal working group is particularly important for developing new versions of the data sharing agreement along with new versions of the pilot, which are crucial for speeding up the development and deployment of the clearing house.
We started the development of the clearing house with ten partners. Keeping the group small facilitated the development of mutual trust, for instance through frequent face-to-face meetings. As a result, the group was confident that it could reach consensus on the technical direction, and therefore opted for unanimous decision-making in our current “governance model” (formalised as part of the data sharing agreement). That had the advantage of enabling us to make decisions quickly in the early stages, although a model based on unanimous decision-making will not scale up to an organisation with tens of partners. Our future challenge is to scale up trust, which means we’ll need to transition from a model where the ten service providers trust each other on a person-to-person basis (personal trust) to a model with a larger group of organisations that trust the clearing house and its procedures and governance mechanisms (impersonal trust [Gommans15]). The UT, SURF and SIDN will investigate scaling trust to a European level in the CONCORDIA project, inspired by the Dutch Anti-DDoS Coalition.
The data sharing agreement needs to clearly articulate the purpose of the first iteration of the pilot, which is to assess the usefulness and effectiveness of the clearing house by experimenting with exchanging DDoS fingerprints across different organisations and sectors. It also needs to cover other legal aspects (e.g. liability, security, PII and governance), but only in outline. That is important in order to keep the data sharing agreement simple and scalable and allow for technical experimentation. A future challenge will be to evolve the data sharing agreement so that its simplicity and scalability continue to be appropriate for subsequent pilot iterations.
Certainly in a heterogeneous cross-sector collaboration like the Dutch Anti-DDoS Coalition. For example, tech folk need to provide guidance to legal experts on the concept of a DDoS fingerprint and highlight the purpose and nature of the data exchange (collaboration and experimentation) because not all legal experts have the same level of technical expertise. That is important for minimising legal uncertainty, which helps to avoid conservative legal constructs (cf. [Silva19]). Similarly, early discussions with operational teams are important for understanding how they work. For example, we learned that the ops teams wanted to be able to create minimal fingerprints (e.g. just indicating suspected origin and protocol type) by hand through a UI or a command line tool, because even the DDoS dissector might fail under a severe DDoS attack.
Our goal for 2020 is to further flesh out the organisational structure of the coalition and to carry out further DDoS exercises with the consortium members. In addition, we will set up the second iteration of the pilot, in which the ten service providers automatically generate fingerprints, distribute them, and their ops teams use them to write filtering rules for their infrastructures. Our short-term aims for the clearing house are to get the data sharing agreement signed (four partners have signed already) and incrementally improve the dissector, DDoS-DB and converter software based on the requirements we developed (e.g. to use the converter as a DDoS detector that automatically forwards the traffic to a scrubbing centre). In addition, SURF, SIDN Labs and the UT will write a first version of the DDoS clearing house cookbook as part of the CONCORDIA project, using this blog as their starting point and incorporating our lessons learned in 2020. They will also set up a second clearing house instance (ddosdb.eu), specifically to carry out research in CONCORDIA, for instance on clustering fingerprints and further improving their accuracy, automatic generation of mitigation rules and sharing fingerprints with edge network security systems such as SPIN. They will use the data sharing agreement we developed to accommodate the work and make it available within CONCORDIA.
Our intermediate conclusion is that setting up a national anti-DDoS coalition has already demonstrated its added value, for example in terms of the community of organisations that emerged from it and the large-scale DDoS drills that we’re carrying out together. At the same time, developing and setting up a national clearing house is a challenging and sometimes tough undertaking because of the complexity of the work, which is often the result of non-technical factors such as working in heterogeneous partnerships, managing expectations regarding the technological readiness level of the pilot and evolving the data sharing agreement with different iterations of the pilot. Nonetheless, the seventeen partners in the Dutch Anti-DDoS Coalition continue to firmly support the clearing house concept, as does the wider Dutch and European operator community. Overall, we’re highly motivated and confident that we’ll attain our goals for 2020 and that we’ll also get the clearing house deployed, thus tangibly helping the Netherlands to handle DDoS attacks on a cooperative basis.
SIDN, SURF and the University of Twente were partly funded by the European Union’s Horizon 2020 Research and Innovation programme under Grant Agreement No 830927. Project website: https://www.concordia-h2020.eu/.
[Silva19] K. e Silva, “Mitigating botnets: Regulatory solutions for industry intervention in large-scale cybercrime”, Ph.D. thesis, Tilburg University, the Netherlands, Dec 2019.
[Gommans15] L. Gommans, J. Vollbrecht, B. Gommans - de Bruijn, C. de Laat, “The Service Provider Group Framework; A framework for arranging trust and power to facilitate authorization of network services”, Future Generation Computer Systems, Vol. 45, pp. 176-192, Mar 2015, http://www.delaat.net/pubs/2015-j-2.pdf
This is a re-publication of an article that first appeared on nomoreddos.org on March 24, 2020.