DNS Rebinding is a very present threat and is exploited by criminals since with this attack, it is possible to bypass the firewall, browse corporate networks, display sensitive documents and compromise internal network machines. In addition, it represents a significant danger for many Internet of Things devices, such as Chromecast or Google Home, due to its special configuration. So you can know if your network is vulnerable to dangerous DNS Rebinding attacks.
One of the problems of the Internet of Things and many of its devices is that they do not perform any security checks for local connections and that is why cybercriminals take advantage of this, by using this type of attack, a third party could establish a connection with the same as if it were in the local network without any type of authentication. For this reason and until security patches are released for these and other devices, it is important to know if your network is vulnerable to dangerous DNS Rebinding attacks.
Like many Internet threats, we must take security measures to prevent DNS rebinding attacks and we will see some of these measures such as:
▸Use DNS pinning by setting an IP address to the value received in the first DNS response. This technique can block some legitimate uses of dynamic DNS.
▸Blocking the resolution of external names to internal addresses on the organization’s local name servers.
▸Use a strong password for your router. If possible, change the username to something other than the factory default. If you are worried about forgetting the new password, write it down and place it on the device, but preferably write it down on paper.
▸Servers can reject HTTP requests with an unrecognizable Host header.
▸Enable the HTTPS management console on your device and don’t forget to disable the HTTP console (if possible).
Check also:
DNS Sinkhole, A barrier to protect our cybersecurity
SigRed – A dangerous vulnerability of Windows DNS
