eMichigan Before and After and Beyond - PowerPoint PPT Presentation

1 / 19
About This Presentation
Title:

eMichigan Before and After and Beyond

Description:

The list of agency domain names will be maintained by NOC and entered into the ... OU domain names may be used in other naming conventions, for example, as ... – PowerPoint PPT presentation

Number of Views:66
Avg rating:3.0/5.0
Slides: 20
Provided by: richardt4
Learn more at: https://www.michigan.gov
Category:

less

Transcript and Presenter's Notes

Title: eMichigan Before and After and Beyond


1
Thursday, December 11, 2003
2
Agenda
  • Current domain name policy
  • Domain names at the external proxy
  • The dark side of domain names
  • Cyber-squatting
  • Recommendations
  • Questions

3
Current Domain Name Policy
  • 1310.20 issued January 1997
  • Domain Name System (DNS) is a hierarchical,
    distributed service used to assist in the
    location of resources, such as file servers,
    world wide web servers, E-mail services, etc.
    which are attached to the Internet.
  • The DNS does its job by converting or resolving
    easier to remember resource names
    (midb.michigan.gov) into their equivalent 4 octet
    Internet address (167.240.251.34) which is
    actually used in the Internet routing process.
  • The Network Operations Center (NOC) operates the
    primary DNS service for the State.

4
Current Domain Name Policy
  • 1310.20 issued January 1997 pg2
  • Operating Units (OU) may choose to operate their
    own DNS and create sub-domains at the division or
    office level, provided they strictly comply with
    Internet standards.
  • The list of agency domain names will be
    maintained by NOC and entered into the DNS when
    agency resources (files, etc) need to be accessed
    within State networks or via the external
    Internet.
  • OU domain names may be used in other naming
    conventions, for example, as prefixes for naming
    files, GroupWise domains and local area network
    servers.

5
Current Domain Name Policy - Revised
  • 1310.37 issued November 2001
  • Michigan State Governments Portal is registered
    with the United States General Services
    Administration as the "Michigan.Gov" domain.
  • The DNS converts or resolves easier to remember
    resource names (Michigan.Gov) into their
    equivalent 4 octet Internet numerical address
    which is used by Internet routing equipment to
    establish host to host communication links .
  • The Network Operations Center (NOC) manages and
    maintains the primary DNS service for the State.

6
Current Domain Name Policy - Revised
  • 1310.37 issued November 2001 pg2
  • Procedure 1310.20 Internet Domain Name and
    Service Naming is targeted for revision or
    possible obsolescence, but is not rescinded at
    this time.
  • It is expected that for some time the domains
    identified under Procedure 1310.20 will co-exist
    to allow an orderly transition of content and
    applications to the new portal and the more
    defined Uniform Resource Locator (URL) naming
    conventions outlined in this procedure.
  • The Michigan.gov Portal content will adhere to
    the michigan.gov name.
  • Agencies are not permitted to insert agency
    identifiers between the www and Michigan to
    create a sub-domain address such as
    www.dit.michigan.gov. Where agency identifiers
    are necessary they will follow a virgule after
    the .gov to form an address similar to
    www.michigan.gov/dit.

7
Domain names and external proxy
  • Nearly 200 individual proxy entries are currently
    hosted by the NOC external DNS servers

8
Domain names and external proxy
  • These seem harmless to the user, the state agency
    and to most of us that have grow so accustomed to
    surfing the web for all our information needs. 
  • Some like (and Im not trying to single anyone
    out here)
  • www.mi529prepaid.org
  • www.mich-freedomacademy.org
  • www.mesb.org
  • www.2649.org
  • www.bingedrink.com
  • mi529prepaid.com
  • met4kid.com
  • mimhefa.org

9
Domain names and external proxy
  • These domain names have been purchased using
    popular domain services like register.com,
    tucows.com and others.
  • The cost is nominal, starting at just 35.00 and
    ranging up to over 150.00 depending on how long
    the agency plans on keeping it active.
  • If you did some quick math, 200 domain names at
    an average of 75.00 per year costs the state
    15,000 per year.

10
The Dark-Side of domain names
  • Utilize existing Vignette content management
    infrastructure to
  • Speed Delivery
  • Lower Costs
  • Increase Adoption by Users
  • Put in place standards that apply to all
    applications regardless of the technology
    platform.
  • Introduce usability guidelines so users can
    successfully navigate complex government
    processes on-line.
  • Affects all sites designed to conduct official
    State business, whether directed at general
    consumers or targeted constituent needs

11
The Dark-Side of domain names
  • The state has started seeing some dark sides to
    domain names.
  • What happens to a domain name when its no longer
    needed, or the program goes away, or the task
    force accomplishes what it set out to do?
  • What happens to all the sites that may have
    linked to the domain name, including library and
    school computers that have the sites book marked?
  • What difference does it make after all?

12
The Dark-Side of domain names
  • The dark side of domain names is that they are
    actively being sought by some of the biggest
    abusers of the Internet world
  • companies or individuals who seek to exploit,
    extort or otherwise highjack legitimate domain
    names for their own use.
  • Users have no idea that are connecting to
  • Once there, the user will decide to stay and
    visit, hopefully long enough to be lured into
    returning later, or to start making money
    transactions on the spot
  • These domain names look totally normal in the
    favorites menu, and anyone scanning access log
    files would never notice them.

13
Cyber-squatting Extortion
  • Cyber-squatting (a term that has been used to
    define this activity) refers to companies or
    individuals who prey on expired domain names and
    buy them up, only to leave the domain name and
    even page titles exactly as it they are.
  • This fools site crawlers and automated filters
    from even detecting that they are in fact
    illegitimate sites and contain the most offensive
    material.
  • To buy the domains names back, the original
    owners are required to pay thousands of dollars
    or face the continued bane of having their once
    legitimate program abused by offensive material.
  • Legally, there is absolutely nothing that can be
    done.

14
Recommendations
  • Agencies are encouraged to refrain from
    purchasing specialty domain names that must be
    maintained indefinitely, in order to be
    preserved, even after they have served their
    purpose.
  • Agencies should use legitimate domain naming
    conventions that the state has already put in
    place to protect the state from this abuse.
  • Agencies should try to use the approved domain
    name in all their agency specific applications.
  • www.state.mi.us/webappname

15
Recommendations - Examples
  • www.state.mi.us/webapp/
  • www.state.mi.us/folio
  • www.state.mi.us/gw5
  • www.state.mi.us/hdamk
  • www.state.mi.us/mitownhall
  • www.state.mi.us/msp/crd
  • www.state.mi.us/msp/ohsp/

16
Recommendations Michigan.gov
  • In addition, the Michigan.gov domain has been
    made available to all state agencies that wish to
    market their program or office to allow direct,
    safe, accurate and maintainable domain names and
    URLs that can be completely controlled by the
    state.
  • This also places the site into the states
    ENTERPRISE search engine and will increase the
    likelihood of it being found.

17
Recommendations Michigan.gov
  • www.michigan.gov/jointpermit
  • www.michigan.gov/wdl
  • www.michigan.gov/lyme
  • www.michigan.gov/fostercare
  • www.michigan.gov/osteoporosis
  • www.michigan.gov/westnilevirus
  • www.michigan.gov/metro

18
Recommendations Michigan.gov
  • Michigan.gov domain names are permanent and never
    require renewal
  • Michigan.gov marketing URLs are FREE
  • They can be changed at any time
  • They will never fall into the hands of
    extortionists
  • DIT Infrastructure Services and Telecom can set
    up a domain name for your DMZ hosted or
    agency-hosted servers
  • All of this is maintained in house and will never
    expose the state to unwanted domain name usage or
    politically embarrassing situations.

19
Help prevent unwanted access
  • More importantly, the citizens and school
    children - of the state will be spared from
    unexpectedly visiting one of these offensive
    sites when accessing legitimate state content.
Write a Comment
User Comments (0)
About PowerShow.com