Rebinding attacks

There is an interview with some security researchers about the perils of rebinding attacks. Now the reporting of this new attack vector, as it were, was of some interest from a technical standpoint. The thing of it is though that I can’t say I have heard of it being widely exploited. Have any of you? This exploit brings to memory the big fuss several years ago about the reset attack. That research was presented at CanSecWest amongst much angst that the whole Internet was now ripe for exploitation and that any session could be disconnected. Well, thing of it is, nothing of the sort ever happened. While the attack was possible it was not very feasible, hence the lack of its use. That brings me back though to this DNS rebinding. Is it also one of those attacks? While technically feasible, it is not very practical in nature for those people who would use it? Your thoughts?

Technorati Tags: , ,

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top