Preventing DNS rebinding attacks using dnscrypt-proxy

Preventing DNS rebinding attacks using dnscrypt-proxy dns resolution is an attack vector that can be leveraged to bypass the Same-origin policy enforced by all browsers. The most insidious is DNS Rebinding, which this article very briefly covers before explaining a suggested mitigation based on dnscrypt-proxy ip blacklist capability. The initiation of the attack requires a webpage (or iframe ) containing malicious javascript that performs repeated requests to hostnames under a subdomain of the malicious script’s origin domain.