Abstract: Embodiments relate to systems, devices, and computer-implemented methods for mitigating Distributed Denial of Service (“DDoS”) attacks. The method can include receiving, by a server, a response message from an application server. The method can further include determining a source internet protocol (IP) address associated with the source client based on a request message received from a source client. The request message received from the source client corresponds to the response message received from the application server. In addition, the method can include identifying, by the server, a plurality of counters associated with the source IP address, and identifying, by the server, a response type of the response message. Further, the method can include causing a value of at least one of the plurality of counters to change based on the response message and the response type.

Abstract: Disclosed embodiments provide domain name registration, e-mail registration, e-mail forwarding, and other services via resource-limited interfaces, such as SMS-based services. Domain names may be requested, registered, and managed, and e-mail addresses may be requested and forwarding options selected by a user by way of a resource-limited device or protocol. E-mails may be provided to a user over an e-mail-to-SMS forwarding system.

Abstract: Systems and methods are disclosed for detecting mobile devices. In one implementation, a system includes a web server. The web server receives mobile device detection strings from a DNS server in response to a DNS request and stores the mobile device detection strings on the server. The web server uses the mobile device detection strings to determine if a client device making a request to the web server is a mobile device. The web server may determine if the client device is a mobile device by comparing a user agent string in the request to the mobile device detection strings. The web server may determine whether the client device is a mobile device before sending the client device's request to any server-side scripts stored at the web server.

Abstract: Method and system for routing EPP requests over a network are provided. A routing system includes multiple frontend service interfaces, one or more gateways, a management server, and a backend service platform that provides multiple application services. The frontend service interfaces are addressable using virtual IP addresses (“VIP”) and can be provided by the gateways. The routing system defines a many-to-many mapping between the frontend service interfaces and a set of services provided by the backend service platform. A requestor can send a request over EPP to a targeted service interface to access one or more backend services, by sending the request to a target IP or domain name that corresponds to a VIP associated with the targeted service interface. Using the many-to-many mapping and the VIP of the targeted service interface, the routing system can identify backend services sought by the request and provide the requestor with access to the backend services.

Abstract: A method for adding a blacklisted site to a whitelist includes requesting a blacklisted site via a network, the blacklisted site having a domain name of the format <blocked-domain>. The method includes generating queries for an encoded domain, the encoded domain being of the format <nonce>.<hash>.<blocked-domain>.<static domain>, sending the queries to a recursive DNS server, and sending responses based on the queries to a cache of a web browser. The method includes requesting by the web browser the blacklisted site, adding the blacklisted site to the whitelist, sending an IP address corresponding to the blacklisted site to the web browsers, and accessing the blacklisted site.

Abstract: Methods and systems are disclosed for quickly providing Whois services to a new top level domain after it is provisioned in a registry. In one embodiment, domain data is received at a first system regarding a top level domain (TLD). The domain data is assigned an authoritative port of a Whois server and is provisioned in a registry database. In certain embodiments, the Whois server provides information relating to domain name registrations of the TLD in the database, according to the authoritative port. The Whois server determines that a Whois query is received at the authoritative port for the queried TLD and responds with the queried information. To the requester, the responses appear as if they are sent from a unique Whois server for each TLD, but the Whois server is actually shared among the TLDs.

Abstract: Implementations relate to systems and methods for pre-signing of DNSSEC enabled zones into record sets. A domain name system (DNS) can receive and/or impose a set of DNS policies desired by an administrator, or the DNS operator itself to govern domain name resolution with security extensions (DNSSEC) for a Web domain. The DNS can generate a set of answers to user questions directed to the domain based on the set of policies. Those answers which differ or vary based on policy rules can be stored as variant answers, and can be labeled with a variant ID. The variant answers can be pre-signed and stored in the DNS. Because key data and other information is generated and stored before a DNS request is received, the requested variant answer can be returned with greater responsiveness and security.

Abstract: A computer implemented method of providing registry services is disclosed. The method includes identifying one or more top level domains to be serviced; creating, by a processor, a TLD group for the one or more top level domains, wherein top level domains in the TLD group share at least one characteristic; provisioning the one or more top level domains; and registering the one or more top level domains with the TLD group.

Abstract: Techniques for monitoring zone file changes are presented. The techniques may include obtaining at least one zone change request and parsing the at least one zone change request to obtain at least one change request unit. The techniques may include obtaining a last published zone file, obtaining a new zone file, and comparing the last published zone file to the new zone file to obtain at least one difference object. The techniques may include matching the at least one difference object to the at least one change request unit to identify at least one unmatched difference object. The techniques may include providing a human readable report comprising an indication of the at least one unmatched difference object.

Abstract: The present disclosure provides systems, methods, and products for high performance implementation of traffic management rules. In various embodiments, traffic management rules, such as DNS traffic management rules, are functionally expressed as rows in one or more lookup tables that are deployed to DNS resolution servers. The DNS resolution server uses the domain name, resource record type, traffic management rule types, and/or traffic management variable values to search for or look up an answer, from among multiple answers corresponding to the domain name and resource record type that meets the traffic management criteria. This look up is done without executing conventional traffic management code or scripts.

Abstract: Systems and methods for verifying data in a distributed database using different automated check operations at different times during the database read and update cycles. Various functions may be performed including executing a first check during update operations of the database. A second check may also be executed during the update operation of the database, and be implemented as an execution thread of an update daemon. A third check may be executed at a time interval between update functions of the update daemon. A fourth check may be executed during a time that the database is not being updated. Integrity of data in the database may be verified by a computer processor based on the first, second, third, and fourth checks.

Abstract: Systems and methods are provided for malware scanning and detection in a computing system. In one exemplary embodiment, the method includes launching, in a computing device of the computing system, a virtual machine, and launching, in the virtual machine of the computing device, an internet browser. The method also includes requesting, by the internet browser, data from a web page, and performing, using one or more analysis tools, analysis on the web page. In the method, performing analysis on the web page includes performing monitoring and recording of system application programming interface (API) calls, and creating software objects associated with the web page. The method also includes performing antivirus scanning of the software objects, de-obfuscating JavaScript associated with the software objects, and correlating data associated with the performed analysis to determine if the web page is a malicious web page.

Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine its desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.

Abstract: A method of triggering crawling of a domain includes receiving information related to a domain from a registrar and processing the information related to the domain. The method also includes storing the processed information in a registry zone file and forming a list of registry data based on the processed information. The list of registry data comprises a subset of the registry zone file. The method farther includes crawling one or more of the domains in the list of registry data.

Abstract: Methods and systems for intelligently choosing an authoritative name server from among a group of name servers for resolving Domain Name System requests. Systems and methods are provided that enable choosing of a first server associated with and/or operated by a first service provider based on a first measurement associated with that first server. The systems and methods further comprise requesting first data from that first server, determining that the first server is unresponsive, and choosing a second server. The second server is chosen based on a second measurement, and chosen contingent on it being associated with and/or operated by to a different service provider than that associated with the first server. The systems and methods then comprise requesting second data from the second server.

Abstract: A method and apparatus for of storing data comprising monitoring a plurality of storage units within a mass storage area and detecting when a storage unit within the mass storage area is overloaded. The method further comprising randomly distributing the data on the overloaded storage unit to the other storage units within the mass storage area.

Abstract: Systems and methods are disclosed for a cache-sensitive index that uses fixed-size partial keys. The index may include a node comprising a child group pointer, a number of partial keys and a similar number of full-key pointers. The node may also include a record count. The nodes are organized into groups. The groups may contain a number of nodes one greater than the number of partial keys in a node and the nodes in a group may be stored contiguously in memory. The child group pointer and the number of partial keys may fit within a cache line. A method is disclosed for traversing the index, for bulk-loading the index, and for live deletion of records from the index.

Abstract: A system and method for more efficiently establishing a chain of trust from a registrant to a registry. A registrant credential is associated with a Shared Registration command and is sent by a registrar to a registry. Upon successful validation, a token is generated and bound to a registrant identifier. The token is included along with the registrant identifier in subsequent discrete Shared Registration commands submitted to the registry on behalf of the registrant. The registrant thus needs to submit its credential only once for changes that require several discrete commands. Also, it is more efficient for the Shared Registration System to validate a token for a set of commands than to validate different registrant credential for each discrete command.

Abstract: A method for generating a bigram database may include receiving domain names, tokenizing the domain names, generating token bigrams from the tokenized domain names, filtering the token bigrams, ranking the token bigrams, and storing the filtered and ranked token bigrams in a bigram database. A method for suggesting alternative domain names may include receiving a requested domain name, tokenizing the requested domain name to divide the requested domain name into a series of tokens, retrieving token bigrams for tokens of the requested domain name, generating alternative domain name suggestions based on the token bigrams and the requested domain name, ranking the alternative domain name suggestions, and outputting at least one of the alternative domain name suggestions.

Abstract: A method of applying device preferences to network traffic includes establishing first DNS settings of a first device and establishing second DNS settings of a second device. The first DNS settings are associated with one or more first name servers. The second DNS settings are associated with one or more second name servers. The method also includes transmitting, from the first device, at least a portion of a first DNS query and a public IP address to the first name server. The method further includes transmitting, from the second device, at least a portion of a second DNS query and the public IP address to the second name server.