Chose your color

Frequently visited

Frequently asked questions

  • I am looking for a domain name registrant. Where can I look it up?

    The Whois is an easy-to-use tool for checking the availability of a .nl domain name. If the domain name is already taken, you can see who has registered it.

    On the page looking up a domain name you will find more information about what a domain name is, how the Whois works and how the privacy of personal data is protected. Alternatively, you can go straight to look for a domain name via the Whois.

  • I would like to transfer my domain name to another registrar. What is the procedure?

    To get your domain name transferred, you need the token (unique ID number) for your domain name. Your existing registrar has the token and is obliged to give it to you within five days, if you ask for it. The procedure for changing your registrar is described on the page transferring your domain name.

  • The details registered about me/my company are incorrect or out of date. How can I get them updated?

    To update the contact details associated with your domain name, you need to contact your registrar. Read more about updating contact details.

  • Why is my domain name in quarantine?

    When a domain name is cancelled, we aren't told the reason, so we can't tell you. You'll need to ask your registrar. The advantage of quarantine is that, if a name's cancelled by mistake, you can always get it back.

    One common reason is that the contract between you and your registrar says you've got to renew the registration every year. If you haven't set up automatic renewal and you don't renew manually, the registration will expire.

  • Ik heb een klacht over mijn provider/registrar. Kan ik daarvoor bij SIDN terecht?

    Wanneer je een klacht hebt over of een geschil met je registrar dan zijn er verschillende mogelijkheden om tot een oplossing te komen. Hierover lees je meer op pagina klacht over registrar. SIDN heeft geen formele klachtenprocedure voor het behandelen van een klacht over jouw registrar.

  • What conditions do I have to meet as a registrar?

    Would you like to be able to register domain names for customers or for your own organisation by dealing directly with SIDN? If so, you can become a .nl registrar. Read more about the conditions and how to apply for registrar status on the page becoming a registrar.

More frequently asked questions

From hobby project to DDoS Alerting Service

DDoS Alerting Service gives insight

ddos attack in red color text on dark digital background
  • Monday 24 April 2017

In his spare time, Lennart Haagsma has built a system capable of detecting DDoS attacks and alerting internet service providers, hosters and other organisations. With support from SIDN Fund, Lennart is now aiming to take his DDoS Alerting Service to the next level. "The system has great potential for small players who can't afford commercial detection software."

Interesting challenge

About three years ago, Lennart Haagsma had the idea that underpins the DDoS Alerting Service. "I kept seeing reports about DDoS attacks, and I thought it would be interesting to understand more about them. So I set up a server to act as a honeypot, a sort of trap. The idea was that DDoS attackers would try to use the server for their attacks."

Lennart Haagsma, initiator of the DDoS Alerting Service
Lennart Haagsma, initiator of the DDoS Alerting Service

HoneyNED

Last autumn, Lennart started to detect a lot of attacks. And other people soon became very interested in the data he was gathering. One of them was Rogier Spoor, Chair of HoneyNED, a Dutch community of honeypot users. Together, Lennart and Rogier came up with the idea of making the detection system's output available as a service.

Good data presentation

"A honeypot isn't very difficult to create. Making the data from it accessible and presenting it in a way that means something to the user was a much bigger challenge for me. I'd never done anything like that before." Overcoming that challenge quickly became expensive and time-consuming. That was when Rogier suggested approaching SIDN Fund. A grant from SIDN Fund enabled Lennart to cover the cost of the hosting and time input. "The money means that I can make the system output more user-friendly."

More users

At the moment, only a handful of users receive data from the DDoS Alerting Service. The information helps them decide whether an incident is an attack or simply a fault. "The system has great potential for small players who can't afford commercial detection software." The aim is therefore to grow the user community as quickly as possible. Lennart realises that that won't be easy. "I'm currently looking at ways of providing automated access. But it's important to proceed carefully and get it right – I don't want to become an information source for attackers!"

Trend detection

The DDoS Alerting Service also provides insight into developing trends. What kinds of target are the attackers focusing on? And where? "One of the infographics available from the service is a map of the world with DDoS attack targets plotted in real time. It's proving very useful for a lot of people. In the future, I want to do more of that kind of information-sharing. However, this is another area where I need to guard against providing criminals with information that helps them avoid detection. I also want to make sure that other people can't make money by repackaging the information that I provide free of charge."

Honeypots

Honeypots are quite widely used in IT security, usually for catching hackers. The idea is simple enough: you deliberately set up something with weak security and then you keep a close eye on it to see whether anyone tries to exploit the vulnerability. "It's like building a house with a door that doesn't lead anywhere, and leaving the door unlocked. If someone tries to get in through the door, you know that they're up to no good."

Humble beginnings

Although he used feedback from the system in his work – Lennart is a Security Analyst at Fox-IT – the Alerting Service started out as a hobby project. He might work on it for a few hours one week, then hardly at all the next week. "Technically speaking, the system wasn't all that hard to develop. It just meant having a certain amount of cross-disciplinary know-how. It depended on knowing a bit about servers, and being able to do some programming, build a website and so on."

Focus on the internet

Lennart's DDoS Alerting Service uses honeypots in a slightly different way. "I focus on what are known as 'reflective amplification DDoS attacks'. The attacks make use of 'middle men': a lot of internet servers are sent a short query that requires a long answer. The trick is to get the answers sent to your target – the victim of the attack. The victim is swamped with answers from the servers and the data overload creates functionality issues. My honeypots are set up to look like badly configured internet servers, in the hope that attackers will find them and try to use them for their attacks."

Working with the Fund

Lennart is very positive about working with SIDN Fund. "We got along well from the start. After winning the grant, I took part in a workshop with other people who've been sponsored by the Fund. It was a fascinating experience. The great thing was that all the projects represented were really worthwhile initiatives – schemes for making the internet better and more secure. That kind of thing really appeals to me."