It seems that this kind of attack is now called as "DNS Rebinding".
I like this term because it represents the issue correctly.

And, just FYI
"Protecting Browsers from DNS Rebinding Attacks" by Stanford University
http://crypto.stanford.edu/dns/

--
Kanatoko
http://www.jumperz.net/

That paper has been posted here by christ1an some days ago, and it's very interesting indeed.

FYI, I'm currently implementing its "same subnet" anti-rebinding policy (both in IPV4 and IPV6) as a new NoScript feature that I call "DNS Nailing".

--
*hackademix.net*

There's a browser safer than Firefox... Firefox, with NoScript

mal

>That paper has been posted here by christ1an some days ago

I didn't know that. thanks.
In that paper, my web site is called as "black-hat community". lol

>FYI, I'm currently implementing its "same subnet" anti-rebinding
> policy (both in IPV4 and IPV6) as a new NoScript feature that I call "DNS Nailing".

Wow, you are Mr.NoScript! Great.
I have used NoScript for months and it really works well. Thanks.
I'll buy you a drink when you come to Tokyo :)

--
Kanatoko
http://www.jumperz.net/

I read the paper carefully and found that they( Stanford guys ) point that "Multi-Pin Vulnerability" is used( or needed ) to control the browser as a proxy.

But I don't think so. The malicious code on the browser can communicate with the attackers another host using cross domain access technique like JSONP, FLASH with valid crossdomain.xml ( or policy-server ).

So we don't need Multi-Pin. Single-pin ( to the target host ) is enough.

--
Kanatoko
http://www.jumperz.net/