DNS rebinding is a Domain Name System-based attack on the codes embedded in a webpage.
Through DNS rebinding, an attacker can compromise unpatched internal systems, exfiltrate sensitive data and circumvent firewalls to spider corporate intranets.
It is for this reason that you need to understand what a DNS rebinding is, how it works and how to protect yourself against this computer attack.
What is DNS Rebinding?
DNS rebinding is a computer exploit that has been known for a long time as a useful tool for hackers looking to subvert a browser’s same-origin policy.
This attack works on widely-used routers like Linksys and D-link. It can also target any device that uses a web-based administrative panel and a default password.
A DNS rebinding attack can have adverse effects on a number of web applications. Such an attack may convert browsers into open proxies and get through firewalls to access internal documents and services.
The hacker may also use the DNS rebinding to hijack IP addresses of their victims to perform click fraud or send spam emails.
How Does a DNS Rebinding Exploit Work?
A hacker only needs to register a domain name and generate web traffic to their page to launch a DNS rebinding attack.
The hacker may lure their victims to the page through advertisements. The victim may also accidentally visit the attacker’s website.
The attacker can access sensitive information on the network or use it to send spam.
During this attack, the hacker doesn’t gain access to DNS servers. They simply provide valid responses to their domain, making the browser act as if the two servers belong to the same origin since they share a hostname.
How to Defend Your Network from a DNS Rebinding Attack
There have been various suggestions made on how to defend your network against this type of computer attack, including:
- Using a private firewall to limit browser access.
- Disabling the Flash plugin.
- Ensure all your websites have a valid host header instead of a default virtual host.
- Disabling access to your router’s admin console from all external networks.
- Using a strong password for your router. Preferably, change it to something other
than the factory default.
- Make sure your computer software programs are patched at all times. Update to a new version whenever it’s available.
- Do not use IP address-based authentications.
Ultimately, the secret to defending your network from DNS rebinding is to avoid being lured into using un-addressable IPs and firewall programs as your defense mechanism.
Latest posts by Richard (see all)
- Wide Range of Job Ads Available on the Dark Web - November 5, 2018
- Continuous Exploit of RDP Pushes FBI to Issue Warning to Potential Targets - October 29, 2018
- Ross Ulbricht’s Fifth Year in Jail - October 10, 2018