Browser companies and network-security vendors have created a variety of defenses for the three-decades-old attack technique known as DNS rebinding, but uneven acceptance and updated exploitation techniques, protection remains spotty.
DNS rebinding — which allows external malicious sites visited by an unsuspecting victim to access internal servers and services —is similar to
cross-site request forgery, where an attacker can use a JavaScript component or Java applet to request resources from another site or network. DNS rebinding typically works by attracting a user to a malicious web site, and using the site's content and a short time-to-live (TTL) to force the browser to send a new domain name system (DNS) request, to which the attacker's site responds with an internal network IP address. The attack essentially allows an attacker to use a victim's browser to send requests to servers and devices on the internal network.
