Wednesday, August 8, 2007

DNS Rebinding Attacks

Stanford Security Lab vừa công bố một tài liệu miêu tả khá đầy đủ DNS Rebinding Attacks (loại attack mà tôi trình bày ở VNSECON07):

DNS rebinding attacks subvert the same-origin policy and convert browsers into open network proxies. These attacks can

  • circumvent firewalls to access internal documents and services
  • require less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers

No comments: