Zosintha zowongolera ku nthambi zokhazikika za seva ya BIND DNS 9.11.18 ndi 9.16.2, komanso nthambi yoyesera 9.17.1, yomwe ikukula. M'mawu atsopano vuto lachitetezo chokhudzana ndi chitetezo chosagwira ntchito motsutsana ndi ziwawa "Β»pamene mukugwira ntchito mumayendedwe a seva ya DNS kutumiza zopempha ("otsogolera" block mu zoikamo). Kuonjezera apo, ntchito yachitidwa kuti kuchepetsa kukula kwa ziwerengero za siginecha za digito zomwe zasungidwa kukumbukira DNSSEC - chiwerengero cha makiyi omwe amatsatiridwa chachepetsedwa kukhala 4 pachigawo chilichonse, chomwe chiri chokwanira mu 99% ya milandu.
Njira ya "DNS rebinding" imalola, pamene wogwiritsa ntchito atsegula tsamba linalake mu msakatuli, kuti akhazikitse kulumikizidwa kwa WebSocket ku mautumiki a netiweki pamaneti amkati omwe sapezeka mwachindunji kudzera pa intaneti. Kuti mulambalale chitetezo chomwe chimagwiritsidwa ntchito mu asakatuli kuti musapitirire kuchuluka kwa dera lomwe lilipo (choyambira), sinthani dzina la wolandila mu DNS. Seva ya DNS ya wowukirayo imakonzedwa kuti itumize ma adilesi awiri a IP imodzi ndi imodzi: pempho loyamba limatumiza IP yeniyeni ya seva ndi tsambalo, ndipo zopempha zotsatila zimabwezeretsa adilesi yamkati ya chipangizocho (mwachitsanzo, 192.168.10.1).
Nthawi yokhala ndi moyo (TTL) pakuyankhidwa koyamba imayikidwa pamtengo wocheperako, kotero potsegula tsambalo, msakatuli amasankha IP yeniyeni ya seva yowukirayo ndikunyamula zomwe zili patsambalo. Tsambali limagwiritsa ntchito JavaScript code yomwe imadikirira kuti TTL iwonongeke ndikutumiza pempho lachiwiri, lomwe tsopano limadziwika kuti ndi 192.168.10.1. Izi zimalola JavaScript kuti ipeze ntchito mkati mwa netiweki yapafupi, kudutsa malire oyambira. Kulimbana ndi izi mu BIND kutengera kutsekereza ma seva akunja kubweza ma adilesi a IP a netiweki yamkati kapena zilembo za CNAME zamadomeni akumaloko pogwiritsa ntchito maadiresi okana-mayankhidwe ndi zokanira-mayankho.
Source: opennet.ru