Posted in ISC on July 29th, 2010 by ISC Handler
Paul wrote in to tell us about the new version of NoScript just out ==http://noscript.net/
The main new feature is protection against the Craig Heffner's DNSrebinding attack that's getting some press, which will be presented at Blackhat.this week ==http://www.blackhat.com/html/bh-us-10/bh-us-10-briefings.html#Heffner
The protection is pretty simple - look up the public ip of the workstation, and place it in the LOCALpseudo list. It uses a public site https://secure.informaction.com/ipecho for this - I can't comment at this time if this is a safe site to use for this or not.
If anyone has more info on this please feel free to comment.
=============== Rob VandenBrink Metafore =============== (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
The main new feature is protection against the Craig Heffner's DNSrebinding attack that's getting some press, which will be presented at Blackhat.this week ==http://www.blackhat.com/html/bh-us-10/bh-us-10-briefings.html#Heffner
The protection is pretty simple - look up the public ip of the workstation, and place it in the LOCALpseudo list. It uses a public site https://secure.informaction.com/ipecho for this - I can't comment at this time if this is a safe site to use for this or not.
If anyone has more info on this please feel free to comment.
=============== Rob VandenBrink Metafore =============== (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
Tags: News
