[dns-operations] Use of Views/ACLs to defeat DNS rebinding/pinning attacks?

David Ulevitch davidu at everydns.net
Tue Aug 7 21:33:42 UTC 2007

Roland Dobbins wrote:
> On Aug 7, 2007, at 1:09 AM, Lutz Donnerhacke wrote:
>> There is no defense to DNS Rebinding attacks.
> This isn't quite true, is it?  After all, there are some firewalls  
> which apparently can rewrite answers in order to filter out the  
> poison-pill answers which attempt to place a non-native FQDN inside a  
> site's internal address space; if these firewalls can do it, my  
> question was, can we also do it with a combination of BIND ACLs and  
> Views.

Can somebody name one of these firewalls?  I don't believe it exists. 

Sending to the list not to call you out, Roland, as others in the thread 
claimed they exist too, but let's hear who the vendors are. 

Such a thing *could* exist, but does it actually exist[1]?


1: And let's keep in mind, this doesn't actually stop the problem, it 
stops one vector of attack.
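
The answer filtering discussed in this thread, sketched as an added example (not part of the original post, and not any vendor's or BIND's implementation): address records that point into internal space are dropped unless the queried name belongs to a zone the site itself serves. The names `INTERNAL_NETS`, `is_internal`, `is_local_name` and `filter_response`, the protected ranges, the zone `corp.example` and the sample records are all assumptions constructed for illustration.

```python
import ipaddress

# Assumed set of ranges the site treats as internal (RFC 1918, loopback,
# link-local, IPv6 ULA). A real deployment would list its own prefixes.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]


def is_internal(addr):
    """True if addr (IPv4 or IPv6 text) falls inside a protected range."""
    ip = ipaddress.ip_address(addr)
    # Treat ::ffff:a.b.c.d as the IPv4 address it carries.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in INTERNAL_NETS)


def is_local_name(name, local_zones):
    """True if name is at or below one of the site's own zones."""
    name = name.rstrip(".").lower()
    return any(name == z or name.endswith("." + z) for z in local_zones)


def filter_response(qname, answers, local_zones):
    """Split answers into (kept, dropped).

    answers is a list of (owner, rtype, rdata) tuples. The decision is keyed
    on the queried name rather than each record's owner, so an address reached
    through a CNAME chain is judged against the name the client asked for.
    """
    kept, dropped = [], []
    foreign = not is_local_name(qname, local_zones)
    for rr in answers:
        _owner, rtype, rdata = rr
        if foreign and rtype in ("A", "AAAA") and is_internal(rdata):
            dropped.append(rr)
        else:
            kept.append(rr)
    return kept, dropped


if __name__ == "__main__":
    # Constructed sample response for a non-local name.
    sample = [("rebind.example.net", "A", "203.0.113.10"),
              ("rebind.example.net", "A", "192.168.1.1")]
    print(filter_response("rebind.example.net", sample, {"corp.example"}))
```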

