Donnerstag, 9. August 2007
Maddin, 9. August 2007 um 12:47:14 MESZ DNS rebinding at CCS'07 This year's ACM conference on Computer and Communication Security (CCS) features two excellent papers on DNS Rebinding (the attack formerly known as "anti-DNS-pinning"). Besides discussing DNS rebinding for firewall circumvention, Protecting Browsers from DNS Rebinding Attacks by Jackson et al. also covers DNS-rebinding-based IP-hijacking, which can be used to commit click-fraud (an malicious application of the attack I have not thought of before). Furthermore, the authors propose a couple of defensive strategies, of which two have especially caught my attention: Dynamic Pharming Attacks and the Locked Same-Origin Policies for Web Browser by Karlof et al. shows how pharming attacks can employ DNS-rebinding to subvert strong authentication mechanisms like client-side SSL (another malicious application I had not thought of before). To counter this threat the propose a "locked same-origin policy" that does not only take domain, port, and protocol into consideration but also requires that the private keys of the web page's respective SSL-certs match (an approach that obviously only works for web pages served via https). I think this solution is a pointer in the right direction. Making the security properties of a web application depended on something that is not directly controlled by the application itself (DNS) was a bad idea in the first place. In the future we should work replacing this policy by something more appropriate and fine-grained. Update: Giorgio Maone announced that the next major version of NoScript will include the stanford paper's "same subnet" anti-rebinding policy (both in IPV4 and IPV6). ... Link |
online for 8425 Days
last updated: 09.04.14, 16:14 Youre not logged in ... Login
click:
Martin Welt martinjohns.com Tumbling Nerd Alert Blogroll doomicile foobla simonox Podroll IT Conversations The Podcast about nothing |