DNS rebinding

DNS rebinding definition - computer

A method for obtaining unauthorized access to the local network by fooling the Web browser into switching IP addresses from the Web server to a local computer. It is used to steal company information, compromise unprotected client machines and hijack IP addresses for spam, click fraud and other malevolent purposes.

When a user requests a Web page from an attacker's site, the attacker's DNS server returns the IP address of its Web server with an extremely short time to live (TTL). The page that gets downloaded contains malicious code that binds the local IP address to the host name of the attacker's site. The next query to the attacker's site becomes a query to the local machine. See TTL.

DNS Pinning
A function built into most Web browsers, DNS pinning ignores the TTL returned from the DNS server and keeps the Web server IP address "pinned" to the original host name for up to several minutes. However, active technologies such as Java and Flash are also vulnerable to DNS rebinding. They use separate pin databases and have their own access to the network.



Computer Desktop Encyclopedia THIS DEFINITION IS FOR PERSONAL USE ONLY
All other reproduction is strictly prohibited without permission from the publisher.
Copyright © 1981-2009 by Computer Language Company Inc. All rights reserved.

Comments (1) Add Your Comment

The definition requires clarification: why is the user's request for the attacker's web page involving the attacker's DNS at all? Why aren't all DNS resolutions done with the user's own choice of DNS?

Posted by anonymous 101 days ago.

Improve this definition.
Do you have more to add? Share your linguistic knowledge or observation.
/Register to save your comments.