Keeping up with all the different attack vectors is like the protagonist of Cervante's famous novel Don Quixote. New threats are emerging on a daily basis while protections seem to remain stagnant at best. Users could opt for a radical solution by choosing to turn off scripts using NoScript and uninstalling scripting languages like Java and Flash content.
That would make most of the Internet unusable and produce some bad looking websites with reduced functionality while some would stop working completely.
Anti DNS-Pinning: LocalRodeo detects this attack method by monitoring DNS answers. The switch of a given domain from external to local (or vice versa) is a clear indication of an anti-pinning attack. If such a switch is detected, all further requests from or to the malicious domain are prohibbited.
A detailed explanation of Anti DNS-Pinning can be found at the blog of Christian Matthies. The extension was updated to be compatible with Firefox 3 today.
Update: The blog does not seem to be available anymore, but the research paper is still available at the Blackhat website.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.