Company proposes blocking newly-registered domain names for security purposes.
Security firm Rapid7, Inc has filed a patent application (pdf) with the U.S. Patent and Trademark Office for “Domain age registration alert”. Application 14/805744 was filed July 22, 2015 and published yesterday.
The idea is simple: bad actors use new domain names to do harm. As soon as the domain is blacklisted, they move onto the next domain. So if you block newly-registered domains from being accessed or from accessing a network, you can thwart these bad actors.
In May 2015, Boeing filed a patent application for a method of blocking links in email from being clicked if they are for a domain name registered within a set period of time. This would help reduce successful phishing attempts.
Both of these applications post-date a presentation (pdf) Dr. Paul Vixie of Farsight Security, Inc made at RSA Conference 2015 in April, 2015. In that presentation, Vixie discussed the issue of quick domain churn.
But Vixie said domain blocking systems need to be very fast and shouldn’t be based on the date the domain was registered. Instead, they should be based on the first time a network sees the particular domain.
Leave a Comment