swhx7
Premium
join:2006-07-23
Elbonia
·RoadRunner Cable

Re: Anti-DNS pinning & DNS-rebinding attacks!

Good stuff jansson_mark. The pdf is fascinating.

Browsers are supposed to protect against this by "pinning", i.e. requiring the IP-to-domain-name match-up to remain the same for an interval. But Jackson et al. in the pdf make clear that the major browsers don't do this very well. So even without plugins, there are some big gaps.

You can protect against outside access to other LAN devices by hardening within the LAN and by patching your firewall to not allow external names to resolve to internal addresses. But the browser can still be exploited to send spam or direct attacks at other external computers, in which case the victim will appear responsible.

There's more I haven't read yet. Mozilla, Microsoft, Apple and Opera need to get on this.
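
The mitigation mentioned in the post above, refusing to let external names resolve to internal addresses, sketched as a resolver-side answer filter. This is an added example, not part of the original post or of the cited paper; the `lan.example` local zone, the function names and the sample records are assumptions constructed for illustration.

```python
import ipaddress

# Address ranges treated as "internal" (loopback, RFC 1918, link-local, ULA).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10")]

# Assumption: names under these suffixes are the site's own internal zone
# and are allowed to resolve to internal addresses.
LOCAL_SUFFIXES = ("lan.example",)

def is_internal(addr):
    """True if addr falls in one of the internal ranges."""
    ip = ipaddress.ip_address(addr)
    # An IPv4-mapped IPv6 answer (::ffff:192.168.1.1) must be judged by
    # the IPv4 address it carries, or it slips past an IPv4-only check.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip.version == n.version and ip in n for n in INTERNAL_NETS)

def is_local_name(name):
    name = name.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in LOCAL_SUFFIXES)

def filter_answers(name, answers):
    """Split a response's (address, ttl) answers into (kept, dropped).

    Answers for external names that point at internal addresses are
    dropped; everything else is passed through unchanged.
    """
    if is_local_name(name):
        return list(answers), []
    kept, dropped = [], []
    for addr, ttl in answers:
        (dropped if is_internal(addr) else kept).append((addr, ttl))
    return kept, dropped

if __name__ == "__main__":
    # Constructed sample responses (documentation addresses, not real hosts).
    samples = {
        "www.example.com": [("198.51.100.10", 300)],
        "rebind.example.net": [("203.0.113.7", 1), ("192.168.1.1", 1)],
        "v6.example.net": [("::ffff:10.0.0.1", 1)],
        "nas.lan.example": [("10.0.0.5", 3600)],
    }
    for name, answers in samples.items():
        kept, dropped = filter_answers(name, answers)
        print(f"{name}: kept={kept} dropped={dropped}")
```

A filter like this only addresses the LAN-access case; it does nothing about the browser being rebound to other external hosts.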