Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: open
DNS pinning is a browser technology that is designed to tie a single IP address to a single domain. Ironically, it was developed as a security precaution to help prevent malicious servers from hijacking HTTP sessions. But now researchers have discovered some pretty scary -- and shockingly easy -- anti-DNS pinning attacks, a few of which will be revealed and demonstrated at Black Hat next month.
Old Flaw Threatens Web 2.0 [darkreading.com]
This was also partly discussed in a previous thread [webmasterworld.com] with respect to a Google Desktop vulnerability.
[edited by: tedster at 2:35 am (utc) on July 21, 2007]
[edit reason] fix quote box [/edit]
It's just those kinds of severe attack scenarios that have led to a resurgence of interest in the bug -- which isn't actually in DNS, but in browsers and browser plug-in programs such as Java, Flash, and Adobe...
So the fixes need to happen through a coordinated effort of browser makers, Sun Java coders, and Adobe. Sheesh!