[dns-operations] Use of Views/ACLs to defeat DNS rebinding/pinning attacks?
Roland Dobbins
rdobbins at cisco.com
Tue Aug 7 09:54:11 UTC 2007
On Aug 7, 2007, at 1:09 AM, Lutz Donnerhacke wrote:
> There is no defense to DNS Rebinding attacks.
This isn't quite true, is it? After all, there are some firewalls
which apparently can rewrite answers in order to filter out the
poison-pill answers which attempt to place a non-native FQDN inside a
site's internal address space; if these firewalls can do it, my
question was, can we also do it with a combination of BIND ACLs and
Views.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // 408.527.6376 voice
Culture eats strategy for breakfast.
-- Ford Motor Company
More information about the dns-operations
mailing list