Product and Support News

Aug
23

DNSWatch Introduces Protection Against DNS Rebinding Attacks

Profile picture for user toboyle
Categories:

Despite being around for many years, “DNS Rebinding” attacks have been making headlines recently. Commodity devices (Chromecast, Roku, Sonos Speakers, and many other IoT devices) are potentially vulnerable, and while the popular ones have been patched, it’s hard to know if they all have.

This trend, combined with direct feedback from other customers, has led us to build new protections into DNSWatch to address these types of attacks.

You can enable the DNS binding protections in your DNSWatch settings. Once you enable the feature, it can take up to an hour to take effect due to DNS caching.

When enabled, any responses that would normally contain an A record for a private IP address (192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/16) will instead result in an NXDOMAIN.

To confirm the rebinding protection is enabled, you can look up `local.strongarm.io`. If rebinding is enabled, it will return `192.168.1.1`. If the rebinding protection is enabled, DNSWatch will return an NXDOMAIN.

If you use an external nameserver to host intranet websites, you need to move those domains to an internal name server to protect them from DNS Rebinding attacks.

Browse by Category


 

EMAIL UPDATES

Sign up to get the latest product news, updates, and support alerts from WatchGuard.

Subscribe

 

Resources


Beta Program

Resource Center

End of Life Info

Product Certifications

Product & Support News

Secplicity

"The 443" Podcast

 

Keep in Touch


  Subscribe by Email

  Subscribe by RSS

   Facebook

  LinkedIn

  Twitter

  YouTube