Last Updated: 2010-07-29 12:47:50 UTC
by Rob VandenBrink (Version: 1)
Paul wrote in to tell us about the new version of NoScript just out ==> http://noscript.net/
The main new feature is protection against the Craig Heffner's DNS rebinding attack that's getting some press, which will be presented at Blackhat.this week ==> http://www.blackhat.com/html/bh-us-10/bh-us-10-briefings.html#Heffner
The protection is pretty simple - look up the public ip of the workstation, and place it in the LOCAL pseudo list. It uses a public site https://secure.informaction.com/ipecho for this - I can't comment at this time if this is a "safe" site to use for this or not.
If anyone has more info on this please feel free to comment.
=============== Rob VandenBrink Metafore ===============