【 「クロス・ドメイン・セキュリティ・モデル」又はそれに関連する用語の意味 】
出典: DNS rebinding 『フリー百科事典 ウィキペディア(Wikipedia)』 最終更新 10 December 2018, at 19:51 UTC、URL: https://en.wikipedia.org/
DNS rebinding is a form of computer attack. In this attack, a malicious web page causes visitors to run a client-side script that attacks machines elsewhere on the network. In theory, the same-origin policy prevents this from happening: client-side scripts are only allowed to access content on the same host that served the script. Comparing domain names is an essential part of enforcing this policy, so DNS rebinding circumvents this protection by abusing the Domain Name System (DNS). [How DNS rebinding works] The attacker registers a domain (such as attacker.com) and delegates it to a DNS server that is under the attacker's control. The server is configured to respond with a very short time to live (TTL) record, preventing the DNS response from being cached. When the victim browses to the malicious domain, the attacker's DNS server first responds with the IP address of a server hosting the malicious client-side code. For instance, they could point the victim's browser to a website that contains malicious JavaScript or Flash scripts that are intended to execute on the victim's computer... |
【クロス・ドメイン・セキュリティ・モデルの同義語と関連語 】
< 1 >
同義語・類義語 |
関連語・その他 |
DNSリバインディング |
Same-Originポリシー |
DNS Rebinding |
Same-Originルール |
DNSリバインディング攻撃 |
SameOriginPolicy |
ディーエヌエス・リバインディング |
クロス・ドメイン・セキュリティ・モデル |
|
同一生成元ポリシー |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
更新日:2020年 1月 3日 |