[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

dns cache beyond ttl - viasat / exede

Subject: dns cache beyond ttl - viasat / exede
From: dot at dotat.at (Tony Finch)
Date: Tue, 8 Oct 2019 12:21:58 +0100
In-reply-to: <CAP-guGXMEm4qMBPKbHxGS+pBoqtLLChcAH68JyZHESKx-EGLrQ@mail.gmail.com>
References: <[email protected]> <CAP-guGXMEm4qMBPKbHxGS+pBoqtLLChcAH68JyZHESKx-EGLrQ@mail.gmail.com>

William Herrin <bill at herrin.us> wrote:
>
> You may be looking at a web browser "feature" called "DNS pinning." This is
> used to defeat the "DNS rebinding" attack on javascript that would allow a
> web site to instruct a browser to scan the interior behind its user's
> firewall by having an attacker rotate the IP addresses used for
> Javascript's allowed server name.
>
> Depending on the implementation, DNS pinned browsers may not recognize a
> change to your IP address until the browser is stopped and restarted.

I thought DNS pinning was only for the lifetime of the web page, so
closing the tab (or all tabs open on the site...) should be enough, if a
reload isn't.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
democracy, participation, and the co-operative principle

Follow-Ups:
- dns cache beyond ttl - viasat / exede
  - From: bill at herrin.us (William Herrin)

References:
- dns cache beyond ttl - viasat / exede
  - From: mike-nanog at tiedyenetworks.com (Mike)
- dns cache beyond ttl - viasat / exede
  - From: bill at herrin.us (William Herrin)

Prev by Date: Automated Abuse Reports
Next by Date: "Using Cloud Resources to Dramatically Improve Internet Routing"
Previous by thread: dns cache beyond ttl - viasat / exede
Next by thread: dns cache beyond ttl - viasat / exede
Index(es):
- Date
- Thread