View Single Post
  #6   (View Single Post)  
Old 4th August 2010
comet--berkeley comet--berkeley is offline
Real Name: Richard
Package Pilot
 
Join Date: Apr 2009
Location: California
Posts: 163
Default

Quote:
Originally Posted by Mantazz View Post
Out of curiosity, how did you find that?
I was at wits end with similar page requests appearing on my home web server.

But after running tcpdump I saw the page request every 5 minutes coming from my own machine.

And after turning off all the Firefox plugins the page requests stopped.

Going to Google I searched on this: NoScript "5 minutes" and found this

http://forums.informaction.com/viewtopic.php?f=7&t=4743

--------------------------------------------------------------------------------------------------------
Now that I described how I found it, let me talk about DNS rebinding which the NoScript is trying to stop.

Besides putting NoScript on every client browser in your house it is good to beef up the DNS server on the router.

If the router uses dnsmasq as the DNS then add the "stop-dns-rebind" option to it.

And configure the web server to reject invalid Host headers.

One straightforward way to do this is to turn on "Virtual Hosting".

Here is the wikipedia article about DNS rebinding:

http://en.wikipedia.org/wiki/DNS_rebinding
__________________
When you see a good move, look for a better one.
--Lasker
Reply With Quote