homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / HTML
Forum Library, Charter, Moderators: incrediBILL

HTML Forum

DNS Pinning, nothing new but still a problem.

10+ Year Member

Msg#: 3400408 posted 10:09 pm on Jul 20, 2007 (gmt 0)

In light of rumored demonstrations at upcoming Black Hat, DNS Pinning seems to be on the horizon again as an issue:

DNS pinning is a browser technology that is designed to tie a single IP address to a single domain. Ironically, it was developed as a security precaution to help prevent malicious servers from hijacking HTTP sessions. But now researchers have discovered some pretty scary -- and shockingly easy -- anti-DNS pinning attacks, a few of which will be revealed and demonstrated at Black Hat next month.

Old Flaw Threatens Web 2.0 [darkreading.com]

This was also partly discussed in a previous thread [webmasterworld.com] with respect to a Google Desktop vulnerability.

[edited by: tedster at 2:35 am (utc) on July 21, 2007]
[edit reason] fix quote box [/edit]



WebmasterWorld Senior Member tedster us a WebmasterWorld Top Contributor of All Time 10+ Year Member

Msg#: 3400408 posted 2:34 am on Jul 21, 2007 (gmt 0)

It's just those kinds of severe attack scenarios that have led to a resurgence of interest in the bug -- which isn't actually in DNS, but in browsers and browser plug-in programs such as Java, Flash, and Adobe...

So the fixes need to happen through a coordinated effort of browser makers, Sun Java coders, and Adobe. Sheesh!

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / HTML
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved