What is DNS

What is DNS Rebinding Attack? It's Work And Protection


What is DNS Rebinding Attack? It's Work And Protection



What is DNS Rebinding Attack?

DNS rebinding is a form of computer attack or can say domain name computer based attack. In this attack, a malicious web page causes visitors to run a client-side script that attacks machines elsewhere on the network.

DNS rebinding attack can be used to breach a private network by causing the victim's web browser to access machines at private IP addresses and return the results to the attacker. It can also be employed to use the victim machine for spamming, distributed denial-of-service attacks or other malicious activities.

Cybercriminal can also do DNS rebinding attack through malacioum link and then they can access private information on the network.

How can we Protect Themselves?

The following techniques attempt to prevent DNS rebinding attacks:

  •  Always use a strong password for your router. 
  • To Disable admin access console to your router from any external network.
  • Web browsers can implement DNS pinning: the IP address is locked to the value received in the first DNS response. This technique may block some legitimate uses of Dynamic DNS, and may not work against all attacks. However, it is important to fail safe (stop rendering) if the IP address does change, because using an IP address past the TTL expiration can open the opposite vulnerability when the IP address has legitimately changed and the expired IP address may now be controlled by an attacker.
  • Private IP addresses can be filtered out of DNS responses.
  • External public DNS servers with this filtering e.g. OpenDNS.
  • Local sysadmins can configure the organization's local nameservers to block the resolution of external names into internal IP addresses. This has the downside of allowing an attacker to map the internal address ranges in use.
  • DNS filtering in a firewall or daemon e.g. dnswall.
  • Web servers can reject HTTP requests with an unrecognized Host header.
  • The Firefox NoScript extension provides partial protection (for private networks)
  • It was first discovered in 1996 and affected Java Virtual Machine.

Post a Comment

Copyright © All Kind of TecHnoLogY Related Tools-News-BooKs | Distributed by Blogger Templates | Designed by OddThemes