The Internet Corporation for Assigned Names and Numbers (ICANN) has terminated its Registrar Accreditation Agreement (RAA) with EstDomains.com after the President of the company was convicted for credit card fraud, money laundering and document forgery.

This comes as welcome news by the cyber security community as EstDomains.com has been used by cyber criminals for years to hide their identities and conduct various malicious activities such as using domains for bot command & control servers, drive-by downloads as well as spamming.

Here are some links of interest that provide more information on this story:

1. F-Secure Weblog - “Case EstDomains” 
2. The Washington Post Company – “ICANN De-Accredits EstDomains for CEO’s Fraud Convictions”
3. Notice sent to EstDomains.com by ICANN (pdf)

Assessing security posture of network devices like routers and firewalls can become a nightmare when a security practitioner is faced with tens of devices with hundreds (sometimes thousands) of lines of configuration data to go through. Manually going through the entire configuration data may not always be the right course of action especially when faced with tight deadlines.

There is help available and it comes in the form of automation tools that can make our life easier. I will discuss a couple of tools that I have worked with and how they can support in auditing and vulnerability assessment activities. (more…)