nanog mailing list archives
Re: dns cache beyond ttl - viasat / exede
From: Tony Finch <dot () dotat at>
Date: Tue, 8 Oct 2019 12:21:58 +0100
William Herrin <bill () herrin us> wrote:
You may be looking at a web browser "feature" called "DNS pinning." This is used to defeat the "DNS rebinding" attack on javascript that would allow a web site to instruct a browser to scan the interior behind its user's firewall by having an attacker rotate the IP addresses used for Javascript's allowed server name. Depending on the implementation, DNS pinned browsers may not recognize a change to your IP address until the browser is stopped and restarted.
I thought DNS pinning was only for the lifetime of the web page, so closing the tab (or all tabs open on the site...) should be enough, if a reload isn't. Tony. -- f.anthony.n.finch <dot () dotat at> http://dotat.at/ democracy, participation, and the co-operative principle
Current thread:
- dns cache beyond ttl - viasat / exede Mike (Oct 07)
- Re: dns cache beyond ttl - viasat / exede Andrew Kerr (Oct 07)
- Re: dns cache beyond ttl - viasat / exede Brielle (Oct 07)
- Re: dns cache beyond ttl - viasat / exede William Herrin (Oct 07)
- Re: dns cache beyond ttl - viasat / exede Brielle (Oct 07)
- Re: dns cache beyond ttl - viasat / exede William Herrin (Oct 07)
- Re: dns cache beyond ttl - viasat / exede Brielle (Oct 08)
- Re: dns cache beyond ttl - viasat / exede William Herrin (Oct 07)
- Re: dns cache beyond ttl - viasat / exede Tony Finch (Oct 08)
- Re: dns cache beyond ttl - viasat / exede William Herrin (Oct 08)