NoScript 2.0 released
Paul wrote in to tell us about the new version of NoScript just out ==> http://noscript.net/
The main new feature is protection against the Craig Heffner's DNS rebinding attack that's getting some press, which will be presented at Blackhat.this week ==> http://www.blackhat.com/html/bh-us-10/bh-us-10-briefings.html#Heffner
The protection is pretty simple - look up the public ip of the workstation, and place it in the LOCAL pseudo list. It uses a public site https://secure.informaction.com/ipecho for this - I can't comment at this time if this is a "safe" site to use for this or not.
If anyone has more info on this please feel free to comment.
=============== Rob VandenBrink Metafore ===============
Keywords: noscript dns rebind
2 comment(s)
×
Diary Archives
Comments
The message above kind of turned me off.
dsh
Jul 29th 2010
1 decade ago
http://blog.opendns.com/2010/07/27/calling-craig-heffner/
M Guirao
Jul 29th 2010
1 decade ago