Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: NoScript 2.0 released - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
NoScript 2.0 released

Paul wrote in to tell us about the new version of NoScript just out ==>

The main new feature is protection against the Craig Heffner's DNS rebinding attack that's getting some press, which will be presented at Blackhat.this week ==>

The protection is pretty simple - look up the public ip of the workstation, and place it in the LOCAL pseudo list.  It uses a public site for this - I can't comment at this time if this is a "safe" site to use for this or not.

If anyone has more info on this please feel free to comment.

=============== Rob VandenBrink Metafore ===============

Rob VandenBrink

577 Posts
ISC Handler
Jul 29th 2010
"There's no hope for you and no point in looking for security enhancements, while you keep using an unsafe wannabe web browser"

The message above kind of turned me off.

135 Posts
Interesting article related to this vulnerability:

13 Posts

Sign Up for Free or Log In to start participating in the conversation!