UK WHOIS Service Suspended After Rogue Attack
by Tim Richardson
Nominet UK was forced to suspend its WHOIS service last night after a rogue attempt to copy the entire registry of .uk domains.
Spammers are thought to be behind attempts to copy the WHOIS database, which started last week. Last night, though, the attack was so severe that Nominet - the national Registry for all domain names ending .uk - had no choice but to suspend the service.
The service was suspended at 11.00pm and re-started at 7.45am this morning.
The attack appears to have originated from outside the UK and Nominet has already made attempts to try and stop those responsible from continuing with the action.
In a statement Nominet said: "Late yesterday evening, as a result of a distributed and high volume data mining attempt, we were forced to temporarily suspend our public WHOIS service. The service has since been re-started.
"We believe that there is a very persistent person/organisation attempting to gain a detailed copy of the .uk register. This attempt began last week, but increased efforts last night resulted in us needing to take more severe action than previously necessary.
"The data mining attempt operates by systematically querying the WHOIS server using whatever WHOIS proxies they can find. The queries normally take place overnight (GMT) with sometimes hundreds of proxies being commandeered simultaneously for this purpose.
"We apologise to anyone inconvenienced by these events, but trust that members will understand the importance of protecting the .uk register," it said.
Nominet is currently seeking legal advice but is prepared to suspend the WHOIS service again if attacks resume.
In a similar event in the late 1990s, Nominet obtained a High Court injunction to prevent someone form copying its registry of domain names.