Rebinding Attacks Persist With Spotty Browser Defenses

[MuzzMelbourne]

Content source

https://www.darkreading.com/dr-tech/rebinding-attacks-persist-with-spotty-browser-defenses

Browser companies and network-security vendors have created a variety of defenses for the three-decades-old attack technique known as DNS rebinding, but uneven acceptance and updated exploitation techniques, protection remains spotty.

DNS rebinding — which allows external malicious sites visited by an unsuspecting victim to access internal servers and services —is similar to cross-site request forgery, where an attacker can use a JavaScript component or Java applet to request resources from another site or network. DNS rebinding typically works by attracting a user to a malicious web site, and using the site's content and a short time-to-live (TTL) to force the browser to send a new domain name system (DNS) request, to which the attacker's site responds with an internal network IP address. The attack essentially allows an attacker to use a victim's browser to send requests to servers and devices on the internal network.

Rebinding Attacks Persist With Spotty Browser Defenses

DNS rebinding attacks are not often seen in the wild, which is one reason that browser makers have taken a slower approach to adopting the web security standard.

www.darkreading.com