Talk:DNS rebinding
This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||
|
Circumventing DNS rebinding defenses
[edit]TerraFrost, I noticed that you added links to articles about DNS pinning and Host header checking. I agree that there should be a mention of circumvention techniques, but I am concerned that these articles might be confusing to readers. The first article (circumventing DNS pinning) describes how to trick browsers into unpinning; this is not a flaw in pinning but rather an observation that current browsers do not fully implement pinning. A better example of a flaw in pinning is that browsers cannot enforce pinning when a proxy is being used. The second article (circumventing Host header checking) is a bit outdated, since it came several years before the Flash DNS rebinding fixes. Although it seems possible and even likely that attacks on Host header integrity may still exist, it would be best to link to a more up-to-date article on the issue, or perhaps provide some more context about when the article was written. Rulesdoc (talk) 06:10, 4 January 2008 (UTC)
- C-Class Internet articles
- Low-importance Internet articles
- WikiProject Internet articles
- C-Class Computing articles
- Low-importance Computing articles
- C-Class Computer networking articles
- Mid-importance Computer networking articles
- C-Class Computer networking articles of Mid-importance
- All Computer networking articles
- C-Class software articles
- Low-importance software articles
- C-Class software articles of Low-importance
- All Software articles
- C-Class Computer science articles
- Low-importance Computer science articles
- C-Class Computer Security articles
- Mid-importance Computer Security articles
- C-Class Computer Security articles of Mid-importance
- All Computer Security articles
- All Computing articles