Increasing the Netherlands’ DDoS resilience together
First lessons learned from setting up a national anti-DDoS initiative, part I of III
Authors: Cristian Hesselman (SIDN and University of Twente), Remco Poortinga-van Wijnen (SURF), Gerald Schaapman (NBIP) and Remco Ruiter (Dutch Payments Association)
The Dutch Anti-DDoS Coalition is a national consortium of seventeen organisations from various sectors (e.g. ISPs, banks, government agencies and law enforcement) committed to fighting DDoS attacks together. In this series of three blogs, we’ll first discuss the rationale behind our initiative, then describe a technical facility called the DDoS clearing house that enables coalition members to automatically measure and share the properties of DDoS attacks (e.g. attack duration and source IP addresses), before finally reviewing our key challenges, the lessons learned and the way forward. Our lessons learned are an important input for a 'cookbook' to set up anti-DDoS coalitions elsewhere in Europe.
Note: we’re using two types of reference in this blog series: hyperlinks refer to more high-level background information, while numbers between straight brackets ([]) link to in-depth technical material such as academic papers.
A Distributed Denial-of-Service (DDoS) attack overwhelms a network with traffic, thus denying servers connected to the network the ability to service legitimate requests from their clients. The attacker typically accomplishes this by simultaneously transmitting traffic from a large number of machines distributed across the internet to the target, for example by infecting those machines with malware that carries out the attack. In another type of DDoS attack, the attacking machines exhaust a server’s resources (rather than swamping the network) [DDOS13]. For example, the attacker could repeatedly start a logon session with the server, thus forcing it to make many demanding computations such as database lookups to get usernames and user credential checks. As a result, the server uses up its resources (e.g. TCP connections, memory and CPU cycles), so it is unable to serve legitimate user requests. The most recent large-scale DDoS attacks in the Netherlands took place in January of 2018 and caused disruption to financial, government and other services. The alleged attacker suggested that he had bought the attack capacity online “as a service” for just forty euros.
While DDoS attacks have been around for a long time and are routinely handled by specialised services (e.g. NBIP-Nawas or commercial equivalents such as Akamai and Cloudflare), we expect the risk they pose to society to increase. For example, on the Internet of Things (IoT), a DDoS attack might take out the remote services that the smart traffic lights in a city depend on to work safely and correctly. At the same time, the IoT itself also poses a risk [SAC105] because it enables DDoS attacks from large numbers of insecure IoT devices that are typically difficult to fix in bulk, for instance because they operate autonomously or because they lack a standardised firmware update mechanism [FW19]. One potentially effective way to counter such attacks is for service providers to fight DDoS attacks on a collaborative basis. The concept of collaborative defence has been around for a long time [DDOS13] [BloSS19] but has not yet been widely adopted. Instead, service providers currently mitigate DDoS attacks single-handedly, focusing on protecting their own infrastructures. Some do nevertheless participate in group protection services such as NBIP-Nawas to share equipment and expertise, and to spread the cost.
In the Netherlands, we decided after the January 2018 DDoS attacks that things needed to change. Specifically, we decided to put the concept of cooperative DDoS mitigation into operation at the national level. To that end, we set up the Dutch Anti-DDoS Coalition, a national voluntary consortium of seventeen organisations from a wide variety of sectors. The coalition members include ISPs, banks, internet exchanges and government agencies. While the backgrounds of the coalition members differ greatly, they share a common goal: to improve the resilience of Dutch online services by fighting DDoS attacks on a cooperative basis across organisations and sectors. Our coalition is unique because we utilise a combination of cooperative instruments: (1) sharing expertise and experiences among coalition members, (2) sharing measurements of the properties of DDoS attacks through a so-called “DDoS clearing house”, (3) jointly carrying out DDoS drills, (4) providing the public with information about DDoS attacks, and (5) promoting security standards that help to protect against DDoS attacks. We’re initially focusing on “critical” service providers, but we’ll also seek to include other organisations at a later stage. To realise our goal, the coalition has adopted a two-layer membership model (Figure 1). The core consists of members who cooperate through operational activities: they measure and share DDoS attack properties and they jointly carry out large-scale DDoS drills (more on both in Part II and Part III). The other members focus on sharing expertise on responding to DDoS attacks.
Figure 1. High-level organisational structure. Members organise themselves into working groups, such as a technical working group to develop and operate the technical facilities for sharing DDoS measurements, a legal working group to develop and evolve information sharing agreements, and a ground rules working group to formalise our coalition procedures. Our organisational structure is informal at the moment, but we may turn it into a (dedicated) legal entity in the future when more members join.
Our lessons learned (e.g. technical, legal, and organisational) will be an important input for a “cookbook” to set up anti-DDoS coalitions elsewhere in Europe. SIDN, SURF, and the University of Twente will develop the cookbook together with partners like Telecom Italia as part of CONCORDIA, a research project with over 50 partners from industry and academia that focuses on data-centric cybersecurity and aims to set up a leading cybersecurity network of excellence for Europe.
In our next blog of this series, we’ll zoom in on the clearing house, the technical system that we’re building to measure the properties of DDoS attacks and share them among coalition members.
SIDN, SURF and the University of Twente were partly funded by the European Union’s Horizon 2020 Research and Innovation programme under Grant Agreement No 830927. Project website: https://www.concordia-h2020.eu/.
[DDOS13] Saman Taghavi Zargar, James Joshi and David Tipper, “A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks”, IEEE Communications Surveys & Tutorials, Vol. 15, Issue 4, 4th Quarter 2013
[FW19] B. Moran, H. Tschofenig, D. Brown and M. Meriac, “A Firmware Update Architecture for Internet of Things Devices”, draft-ietf-suit-architecture-05, April 2019
[SAC105] T. April, L. Chapin, K.C. Claffy, C. Hesselman, M. Kaeo, J. Latour, D. McPherson, D. Piscitello, R. Rasmussen and M. Seiden, “The DNS and the Internet of Things: Opportunities, Risks, and Challenges”, SSAC report SAC105, June 2019, https://www.icann.org/en/system/files/files/sac-105-en.pdf
[BloSS19] Bruno Rodrigues and Burkhard Stiller, “Cooperative Signaling of DDoS Attacks in a Blockchain-based Network”, SIGCOMM Posters and Demos '19: Proceedings of the ACM SIGCOMM 2019 Conference Posters and Demos, August 2019, https://doi.org/10.1145/3342280.3342300
This is a re-publication of an article that first appeared on nomoreddos.org on March 10, 2020.