Jumat, 06 April 2007

Dns-Pinning, the next big thing?

I always admire programmers for their sharp programming skills and their structured way of logical thinking. Me, myself can never be good in programming or scripting. I tried my times to brush up my skills, but always failed at some point. This is the reason why i choose networking over being a developer. If i am good in programming, i would definitely develop hell lot of security tools to cater the community. Now, this lead to a very interesting article i am going to refer you guys to. Have you guys heard of DNS-Pinning? I think its the "Next Big Thing" that is going to have effect on the web community after XSS and CSRF. Well, it all comes down to having ideas and working on a Proof of Concept. We all know that it is possible to port-scan using javascript with XSS and now comes DNS-Pinning. DNS-Pinning is like punching a hole in the firewall and allows scanning on a internal LAN. This is scary because it actually bypass the firewall rules and return all the open ports. I had just tested it on my machine and damn, the results are pretty accurate though. Read on for more information.

http://shampoo.antville.org/stories/1451301/

http://sla.ckers.org/forum/read.php?6,4511,9587#msg-9587

0 komentar:

Posting Komentar