DNS rebinding

A method for gaining unauthorized access to a local network by tricking a Web browser into sending requests meant for an attacker's Web server to a computer on the victim's local network instead. Because the browser's same-origin policy is keyed to the hostname rather than to the IP address behind it, script from the attacker's page can then read the responses from the internal machine. It has been used to steal company information, compromise unprotected client machines and enlist victims' IP addresses for spam, click fraud and other malevolent purposes.

When a user requests a Web page from an attacker's site, the attacker's DNS server returns the IP address of its Web server with an extremely short time to live (TTL). The downloaded page contains script that waits for the TTL to expire and then makes further requests to the attacker's hostname. The browser looks the name up again, and this time the attacker's DNS server answers with an address on the victim's local network (or the loopback address). The next query to the attacker's site therefore becomes a request to the local machine, while the browser still treats the response as belonging to the attacker's site. See TTL.

DNS Pinning
A function built into most Web browsers, DNS pinning ignores the TTL returned from the DNS server and keeps the Web server IP address "pinned" to the original hostname for up to several minutes, so a rebound address is not used until the pin expires. However, active technologies such as Java and Flash were also vulnerable to DNS rebinding: they used separate pin databases and had their own access to the network, so a plug-in could be rebound even when the browser itself was not. Because pinning is a client-side mitigation that lapses after a period of time, services reachable on internal networks should also check that the HTTP Host header names the service itself, and resolvers can refuse answers that map an external name to a private address.
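The following simulation is an added example written for this entry; it is not code from the original article. It models the attack sequence described above (a short-TTL answer followed by an internal address) against a browser that re-resolves on every request and against one that pins, and then shows the two defenses that do not depend on the browser: a resolver that refuses private answers for external names (the behaviour of dnsmasq's --stop-dns-rebind option) and a Host header check at the internal service. The hostname attacker.example, the addresses 203.0.113.10 (public server) and 192.168.1.20 (a device on the victim's LAN) and the allowlist are all constructed for the example.

```python
"""Simulation of DNS rebinding, DNS pinning, resolver filtering and a
Host header check. Added example; all names and addresses are constructed."""
import ipaddress

ATTACKER_HOST = "attacker.example"   # hypothetical attacker domain
PUBLIC_IP = "203.0.113.10"           # attacker's Web server (TEST-NET-3)
INTERNAL_IP = "192.168.1.20"         # device on the victim's LAN

# Address ranges that an external hostname should never resolve to.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                    # loopback, link-local
    "::1/128", "fc00::/7", "fe80::/10",                 # IPv6 equivalents
)]


def is_internal(ip):
    """True if ip lies in a loopback, link-local or private range."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


class RebindingDNSServer:
    """Attacker's authoritative server: the first answer is the public IP
    with a 1-second TTL, every later answer is the victim's internal address."""

    def __init__(self):
        self.queries = 0

    def resolve(self, name):
        if name != ATTACKER_HOST:
            raise KeyError(name)
        self.queries += 1
        return (PUBLIC_IP if self.queries == 1 else INTERNAL_IP), 1  # (ip, ttl)


class StubResolver:
    """Client-side cache that honours the TTL, as an OS resolver does.
    With reject_internal=True it drops rebinding answers, dnsmasq-style."""

    def __init__(self, upstream, reject_internal=False):
        self.upstream = upstream
        self.reject_internal = reject_internal
        self.cache = {}  # name -> (ip, expiry time)

    def lookup(self, name, now):
        hit = self.cache.get(name)
        if hit and hit[1] > now:
            return hit[0]
        ip, ttl = self.upstream.resolve(name)
        if self.reject_internal and is_internal(ip):
            raise ValueError(f"rebinding answer rejected: {name} -> {ip}")
        self.cache[name] = (ip, now + ttl)
        return ip


class NaiveBrowser:
    """Re-resolves once the cached answer expires: vulnerable after the TTL."""

    def __init__(self, resolver):
        self.resolver = resolver

    def fetch(self, host, now):
        return self.resolver.lookup(host, now)   # IP the request is sent to


class PinningBrowser:
    """DNS pinning: keeps the first address for pin_seconds regardless of TTL."""

    def __init__(self, resolver, pin_seconds=300):
        self.resolver = resolver
        self.pin_seconds = pin_seconds
        self.pins = {}  # host -> (ip, pin expiry)

    def fetch(self, host, now):
        pin = self.pins.get(host)
        if pin and pin[1] > now:
            return pin[0]
        ip = self.resolver.lookup(host, now)
        self.pins[host] = (ip, now + self.pin_seconds)
        return ip


def internal_service_accepts(host_header, allowed=("192.168.1.20", "printer.lan")):
    """Server-side defense: the internal service only answers requests whose
    Host header names the service itself. A rebound request is sent to the
    internal IP but still carries Host: attacker.example, so it is refused.
    The allowlist is a constructed example."""
    hostname = host_header.split(":", 1)[0].strip().lower()
    return hostname in allowed


def run_scenario():
    """Runs the four cases and returns the address each second request went to."""
    results = {}
    # 1. No protection: the 1-second TTL expires, the second request goes to the LAN device.
    browser = NaiveBrowser(StubResolver(RebindingDNSServer()))
    results["naive"] = (browser.fetch(ATTACKER_HOST, now=0), browser.fetch(ATTACKER_HOST, now=5))
    # 2. DNS pinning: the browser ignores the TTL and keeps the first address.
    browser = PinningBrowser(StubResolver(RebindingDNSServer()))
    results["pinned"] = (browser.fetch(ATTACKER_HOST, now=0), browser.fetch(ATTACKER_HOST, now=5))
    # 3. Resolver filtering: the rebound (private) answer is never cached or used.
    browser = NaiveBrowser(StubResolver(RebindingDNSServer(), reject_internal=True))
    browser.fetch(ATTACKER_HOST, now=0)
    try:
        browser.fetch(ATTACKER_HOST, now=5)
        results["filtered"] = "allowed"
    except ValueError:
        results["filtered"] = "rejected"
    # 4. Host header check at the internal service.
    results["host_check"] = (internal_service_accepts("attacker.example"),
                             internal_service_accepts("192.168.1.20:80"))
    return results


if __name__ == "__main__":
    for case, outcome in run_scenario().items():
        print(f"{case}: {outcome}")
```

Note that pinning only delays the attack: once pin_seconds has elapsed the pinning browser re-resolves just as the naive one does, which is why the Host header check and the resolver filter are the defenses that hold regardless of client behaviour.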

TTL
(1) (Time To Live) A field in an IP packet header that limits how far the packet may travel. To prevent an IP packet from propagating endlessly through the network, each router that forwards the packet decrements the TTL value by one; when it reaches 0, the packet is discarded.

In the DNS system, which converts hostnames to IP addresses, each response carries a TTL field that tells the resolver how long it may keep the IP address in its cache. If a company is preparing to change its IP addresses, it can lower the TTL before the actual change is scheduled. A copy of the address cached on the user's computer is then valid for only a short time, and the company's name server is queried more frequently, so the new address is picked up quickly. See DNS and DNS rebinding.

(2) (Transistor-Transistor Logic) A digital circuit composed of bipolar junction transistors (BJTs). Widely used in a wide variety of electronic applications, especially before CMOS circuits became popular, TTL superseded the earlier RTL (resistor-transistor) and DTL (diode-transistor) logic designs, which used more power. In TTL, transistors both isolate the inputs and perform the logic switching. A "TTL" designation on a circuit input or output indicates a digital signal rather than an analog one. See 7400 series, ECL, I2L and bipolar transistor.

(3) (Through The Lens) Refers to a single-lens reflex camera that lets the photographer view the scene through the same lens that captures the image. "TTL metering" means that the light is measured from behind the lens to determine the correct shutter and flash settings.

