SIN 24 Trusting Network Name Resolution

OVERVIEW OF THE SIN

This sin is more understandable than most—we absolutely have to rely on name resolution to function in most realistic scenarios. After all, you really don’t want to have to remember that http://216.239.63.104 is an IPv4 address for one of the many English-customized web servers at www.google.com, nor do you want to have to deal with the nuisance of updating a file on your system if something changes.

The real problem here is that most developers don’t realize how fragile name resolution is, and how easily it is attacked. Although the primary name resolution service is DNS for most applications, it is common to find Windows Internet Name Service (WINS) used for name resolution on large ...
