Back

28 Abuse Prevention and Mitigation

gTLDFull Legal NameE-mail suffixDetail
.globoGlobo Comunicação e Participações S.Aregistro.brView
.globo Registrant Data (WHOIS) Policy:

As a restricted registry, .globo registrant data shall always be real and valid information of the organizations that register a .globo domain, which can only be GLOBO or one of its affiliates. Persons cannot register domains on .globo.

All registrant data will be verified off-line prior to a domain registration being completed. If requested by GLOBO the registrant shall provide certified documents and or updated data in order to maintain WHOIS accuracy. Failing to provide timely responses for documents or data update requests can cause suspension (defined as the removal of domain publication within the DNS system) or cancelation of the domain.

Registration implies agreeing with legally binding responsibilities for the domain; such responsibilities cannot be transferred to a third party without transferring the domain itself and such transaction reflected in the WHOIS data. WHOIS privacy or proxy services are not allowed and not recognized; domains registered in the name of an organization will be considered to belong to such person or organization.


.globo Prevention of Abuse Policy:

ʺThe registrant agrees to use the .globo domain being registered or renewed only for lawful and non-abusive purposes.

Globo Comunicação e Participações S.A defines abuse as the bad, wrongful or excessive use of privileges or power including but not limited to:
- Botnet command and control (a command and control infrastructure to manage a group of infected computers that receives orders from unauthorized users(s) through the network) ;
- Child entrapment or abuse ;
- Distribution of child pornography ;
- Deployment of circular references within the Domain Name System (DNS) using resources of Globo Comunicação e Participações S.A, NIC.br and⁄or other Top Level Domains (TLDs) ;
- Fast flux hosting (rapidly changing DNS records in order to prevent detection or mitigation of an abuse);
- Phishing (unsolicited communication or Web page that poses as being from a known institution to trick users into disclosing personal, privileged or financial data);
- Sending unsolicited bulk messages thru electronic mail, forums, instant messaging, mobile messaging, social networks or comment boxes ;
- Theft of any online service ;
- Unlawful or fraudulent actions ;
- Unauthorized reproduction of works with third party rights ;
- Willful distribution of malware (any kind of software that executes malicious action on a computer system, like virus, worms, bots, trojan horses and root kits).ʺ

ʺ

----------------------------------
Abuse handling procedures:

Abuse detection procedures will be available by the e-mail box abuse@nic.globo to receive abuse complaints. All abuse complaints will be considered to be possible breaches of contract and evaluated by GLOBO legal department.

Target service-level for abuse and take action complaints is to set a course of action within one week for all complaints. Staffing for this system is already part of GLOBO legal department. Abuse and take action complaints from law enforcement will be given priority and skip queues.

-----------
.globo Take Action procedures:
ʺFor each abuse case one or more of these actions might apply:
- Remove DNS publication of the domain in cases where domain appears as only being used to exploit phishing, malware, bonnet command and control, fast-flux hosting, DNS circular references, child pornography distribution, child abuse and entrapment;
- Notice of abusive case to registrant ;
- Notice of abusive case to registrar ;
- Notice of abusive case to hosting provider(s) ;
- Notice of abusive case to appropriate computer incident response team ;
- Notice of abusive case to appropriate law enforcement authorities.

Preemptive measures like removing DNS publication will only be done to prevent further damages to the Internet community or endangered individuals and will have collateral damages of such actions assessed prior to reaching such a decision.ʺ

------------------------

.globo prevention of abusive transfer and⁄or cancellation:

All .globo domains wonʹt accept change of ownership or cancellation without authorization from proper Globo Comunicação e Participações S.A corporate officials.ʺ

-------------------
Measures for dealing with glue records:

Internet Protocol (IP) address is this context refer to both IPv4 or IPv6 regardless of IP protocol version.

- Host records wonʹt be allowed outside of domain objects. Glue records are only allowed as domain attributes and only allowed to be in-zone glue records (i.e, ns.example.globo for a example.globo domain) - When a domain is removed from publication all of its glue records are also removed, so no orphan glue records can exist.
- When a domain is registered the supplied DNS servers are tested to validate proper authoritative response; the registration transaction requires previous DNS configuration. This prevents amplification attacks that could arise by setting DNS glue records to victim IP addresses.
- If an IP address used to be a DNS server moves to a new delegated organization there might be undesirable traffic towards that address. Take action notices for such glue records, even they are not orphaned, will be accepted from the RIR(Regional Internet Registry) registered WHOIS contact for that address space.
- As only in-zone non-orphan glue records are allowed, any evidence of a glue record being part of malicious conduct will be considered as malicious conduct of the domain it belongs to and will subject such a domain to anti-abuse or take action policies.
gTLDFull Legal NameE-mail suffixDetail
.rioEmpresa Municipal de Informática SA - IPLANRIOregistro.brView
.rio Registrant Data (WHOIS) Policy:

As a restricted registry, .rio registrant data shall always be real and valid information of the organizations that register a .rio domain, which is an affiliate of Rio executive branch or some organization related to the city public policies places. Persons cannot register domains on .rio.

All registrant data will be verified off-line prior to a domain registration being completed. If requested by IPLANRIO the registrant shall provide certified documents and or updated data in order to maintain WHOIS accuracy. Failing to provide timely responses for documents or data update requests can cause suspension (defined as the removal of domain publication within the DNS system) or cancelation of the domain.

Registration implies agreeing with legally-binding responsibilities for the domain; such responsibilities cannot be transferred to a third party without transferring the domain itself and such transaction reflected in the WHOIS data. WHOIS privacy or proxy services are not allowed and not recognized; domains registered in the name of an organization will be considered to belong to such person or organization.

.rio Prevention of Abuse Policy:

ʺThe registrant agrees to use the .rio domain being registered or renewed only for lawful and non-abusive purposes.
IPLANRIO defines abuse as the bad, wrongful or excessive use of privileges or power including but not limited to:
- Botnet command and control (a command and control infrastructure to manage a group of infected computers that receives orders from unauthorized users(s) through the network) ;
- Child entrapment or abuse ;
- Distribution of child pornography ;
- Deployment of circular references within the Domain Name System (DNS) using resources of IPLANRIO and⁄or other Top Level Domains (TLDs) ;
- Fast flux hosting (rapidly changing DNS records in order to prevent detection or mitigation of an abuse);
- Phishing (unsolicited communication or Web page that poses as being from a known institution to trick users into disclosing personal, privileged or financial data);
- Sending unsolicited bulk messages thru electronic mail, forums, instant messaging, mobile messaging, social networks or comment boxes ;
- Theft of any online service ;
- Unlawful or fraudulent actions ;
- Willful distribution of malware (any kind of software that executes malicious action on a computer system, like virus, worms, bots, trojan horses and root kits).ʺ
ʺ


----------------------------------

Abuse handling procedures:


Abuse detection procedures will be available by the an e-mail box abuse@nic.rio to receive abuse complaints. All abuse complaints will be considered to be possible breaches of contract and evaluated by IPLANRIO legal department, which might defer the issue to the city attorney generalʹs office.

Target service-level for abuse and take action complaints is to set a course of action within one week for all complaints. Staffing for this system is already part of IPLANRIO legal department. Abuse and take action complaints from law enforcement will be given priority and skip queues.

-----------

.rio Take Action procedures:

ʺFor each abuse case one or more of these actions might apply:
- Remove DNS publication of the domain in cases where domain appears as only being used to exploit phishing, malware, bonnet command and control, fast-flux hosting, DNS circular references, child pornography distribution, child abuse and entrapment;
- Notice of abusive case to registrant ;
- Notice of abusive case to registrar ;
- Notice of abusive case to hosting provider(s) ;
- Notice of abusive case to appropriate computer incident response team ;
- Notice of abusive case to appropriate law enforcement authorities.

Preemptive measures like removing DNS publication will only be done to prevent further damages to the Internet community or endangered individuals and will have collateral damages of such actions assessed prior to reaching such a decision.ʺ


------------------------

.rio prevention of abusive transfer and⁄or cancellation:

All .rio domains wonʹt accept change of ownership or cancellation without authorization from proper IPLANRIO corporate officials or city public officials.

-------------------

Measures for dealing with glue records:
Internet Protocol (IP) address is this context refer to both IPv4 or IPv6 regardless of IP protocol version.

- Host records wonʹt be allowed outside of domain objects. Glue records are only allowed as domain attributes and only allowed to be in-zone glue records (i.e, ns.example.rio for a example.rio domain)
- When a domain is removed from publication all of its glue records are also removed, so no orphan glue records can exist.
- When a domain is registered the supplied DNS servers are tested to validate proper authoritative response; the registration transaction requires previous DNS configuration. This prevents amplification attacks that could arise by setting DNS glue records to victim IP addresses.
- If an IP address used to be a DNS server moves to a new delegated organization there might be undesirable traffic towards that address. Take action notices for such glue records, even they are not orphaned, will be accepted from the RIR(Regional Internet Registry) registered WHOIS contact for that address space.
- As only in-zone non-orphan glue records are allowed, any evidence of a glue record being part of malicious conduct will be considered as malicious conduct of the domain it belongs to and will subject such a domain to anti-abuse or take action policies.