[dns-operations] Use of Views/ACLs to defeat DNS rebinding/pinning attacks?
David Ulevitch
davidu at everydns.net
Tue Aug 7 21:33:42 UTC 2007
Roland Dobbins wrote:
> On Aug 7, 2007, at 1:09 AM, Lutz Donnerhacke wrote:
>
>
>> There is no defense to DNS Rebinding attacks.
>>
>
> This isn't quite true, is it? After all, there are some firewalls
> which apparently can rewrite answers in order to filter out the
> poison-pill answers which attempt to place a non-native FQDN inside a
> site's internal address space; if these firewalls can do it, my
> question was, can we also do it with a combination of BIND ACLs and
> Views.
>
Can somebody name one of these firewalls? I don't believe it exists.
Sending to the list not to call you out, Roland, as others in the thread
claimed they exist too, but let's hear who the vendors are.
Such a thing *could* exist, but does it actually exist[1]?
-David
1: And let's keep in mind, this doesn't actually stop the problem, it
stops one vector of attack.
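
Added example, not part of the original message and not any vendor's or BIND's implementation: a sketch of the answer filtering discussed in this thread, which drops A/AAAA records that put a name from outside the site's own zones into internal address space. The internal ranges, the local zone `corp.example` and the sample records are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: "internal address space" means these ranges; a real site lists its own.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10",
)]

def is_internal(rdata):
    """True if the address in an A/AAAA record falls inside INTERNAL_NETS."""
    addr = ipaddress.ip_address(rdata)
    # An IPv4-mapped IPv6 address (::ffff:10.0.0.5) names the same host as 10.0.0.5.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr.version == net.version and addr in net
               for net in INTERNAL_NETS)

def in_zone(name, zones):
    """True if name equals, or is a subdomain of, one of the site's own zones."""
    name = name.rstrip(".").lower()
    return any(name == z or name.endswith("." + z) for z in zones)

def filter_answers(answers, local_zones):
    """Split (owner, rtype, rdata) records into (kept, dropped)."""
    zones = [z.rstrip(".").lower() for z in local_zones]
    kept, dropped = [], []
    for owner, rtype, rdata in answers:
        poison = (rtype in ("A", "AAAA") and is_internal(rdata)
                  and not in_zone(owner, zones))
        (dropped if poison else kept).append((owner, rtype, rdata))
    return kept, dropped

# Constructed sample response section (not captured traffic).
SAMPLE = [
    ("www.attacker.example.", "A", "203.0.113.10"),
    ("www.attacker.example.", "A", "192.168.1.1"),
    ("www.attacker.example.", "AAAA", "::ffff:10.0.0.5"),
    ("intranet.corp.example.", "A", "10.1.2.3"),
]

if __name__ == "__main__":
    kept, dropped = filter_answers(SAMPLE, ["corp.example"])
    print("kept:", kept)
    print("dropped:", dropped)
```

The check only looks at the owner name and address of each A/AAAA record, so a CNAME from an outside name to a name inside a local zone passes through it.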