cancel
Showing results for 
Search instead for 
Did you mean: 
flamethrower
Aspiring Expert
510 Views
Message 1 of 3

BT DNS & rebinding attacks

Hi all

Question for BT's DNS team - does the BT DNS service filter out responses that contain private network addresses, e.g. 192.168.0.0/16, 10.0.0.0/24?

This post on medium shows a DNS rebinding attack:

https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea...

Looking at my own router I couldn't see an easy route to a firewall rule for dealing with this.

Thanks

 

0 Ratings
Reply
2 REPLIES 2
gregewing
Newbie
483 Views
Message 2 of 3

Re: BT DNS & rebinding attacks

That article is a really interesting read.  

BT, do you provide protection at the router AND at your ISP Level DNS Servers against attacks like this ?

0 Ratings
Reply
flamethrower
Aspiring Expert
452 Views
Message 3 of 3

BT DNS and rebinding attacks [FIXME]

From testing tonight I can confirm BT DNS does not filter out the offending responses. The link in the article discovers devices on home customer networks using private address blocks (tested a block in 10.0.0.0/8 range).

Don't shoot the messenger, but it looks like OpenDNS doesn't have this issue:

https://support.opendns.com/hc/en-us/articles/227987987-Getting-Started-The-protection-and-filtering...