DNS Rebind Attack?

Installing and Using OpenWrt
21

I was looking at dnsmasq CHANGELOG

version 2.76
Include 0.0.0.0/8 in DNS rebind checks. This range
translates to hosts on the local network, or, at
least, 0.0.0.0 accesses the local host, so could
be targets for DNS rebinding. See RFC 5735 section 3
for details. Thanks to Stephen Röttger for the bug report.

and MANPAGE

--rebind-localhost-ok

Exempt 127.0.0.0/8 and ::1 from rebinding checks. This address range is returned by realtime black hole servers, so blocking it may disable these services.

Is there no way to make 0.0.0.0 an exempt address for rebind checks in dnsmasq conf?

22

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.