Private whois services

From pre-attack
Jump to: navigation, search

Private whois services
ID PRE-T1082
Tactic Adversary OPSEC


Every domain registrar maintains a publicly viewable database that displays contact information for every registered domain. Private 'whois' services display alternative information, such as their own company data, rather than the owner of the domain.1

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Commercially available or easy to set up and/or register using a disposable email account.


Detectable by Common Defenses (Yes/No/Partial): Yes

Explanation: Algorithmically possible to detect COTS service usage or use of non-specific mailing addresses (PO Boxes, drop sites, etc.)