dns cache beyond ttl - viasat / exede
Tony Finch
dot at dotat.at
Tue Oct 8 11:21:58 UTC 2019
William Herrin <bill at herrin.us> wrote:
>
> You may be looking at a web browser "feature" called "DNS pinning." This is
> used to defeat the "DNS rebinding" attack on javascript that would allow a
> web site to instruct a browser to scan the interior behind its user's
> firewall by having an attacker rotate the IP addresses used for
> Javascript's allowed server name.
>
> Depending on the implementation, DNS pinned browsers may not recognize a
> change to your IP address until the browser is stopped and restarted.
I thought DNS pinning was only for the lifetime of the web page, so
closing the tab (or all tabs open on the site...) should be enough, if a
reload isn't.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
democracy, participation, and the co-operative principle
More information about the NANOG
mailing list