DNS Rebinding Prevention for the Weak Host Model Attacks
Florian Weimer
fweimer at bfk.de
Tue Aug 17 15:31:20 UTC 2010
* Bradley Falzon:
> Craig Heffner's version of the DNS Rebinding attack, similar to all
> DNS Rebinding attacks, requires the DNS Servers to respond with an
> Attackers IP Address as well as the Victims IP Address, in a typical
> Round Robin fashion. Previous attacks would normally have the Victims
> IP Address to be their Private IP.
For which protocols is this supposed to work? Why would a
security-minded web application serve content under a name it knows
cannot be its own?
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the bind-users
mailing list