Current Thoughts on DNS Rebinding

RSnake and Dan Kaminsky have been talking about session fixation via DNS Rebinding.  As you may recall, an attacker can’t abuse your cookies in a rebinding attack, though they can walk your browser around content and control the session.  The gist of what these guys are talking about is how the attacker can…

Pinning / Rebinding / Quick-Swap DNS Links

A group at Stanford has been researching these issues and recently published Protecting Browsers from DNS Rebinding Attacks. Also, Dan Kaminski has published his slides from Blackhat 2007, Black Ops 2007: Design Reviewing The Web.

Notes on DNS Pinning

Christian Matthies has an excellent writeup on DNS Pinning (with diagrams!)  If you’re tuned into web app security you’ve probably noticed a lot of discussion around Anti DNS Pinning a.k.a. DNS Rebinding a.k.a. Quick-Swap DNS lately.  You’re likely to see a lot more such discussion after this year’s Blackhat/Defcon given that there are a number…