DNS rebinding protection

Home networks hosting connected devices (like Google Home, home media servers and Internet of Things devices) can be vulnerable to a type of attack known as DNS rebinding. To protect against these attacks, Google Wifi uses DNS Rebinding Protection, which blocks the use of private IP ranges by public domains. This feature is enabled by default on Google Wifi.

However, some services require DNS rebinding to function. If you want to allow DNS rebinding on your local network, you can disable DNS Rebinding Protection by setting custom DNS servers at your own risk.

Disable DNS rebinding protection

1. Open the Google Wifi app.

2. Tap the tab, then Network & general.

3. In the 'Network' section, tap Advanced networking > DNS.

4. Tap Custom DNS Servers.

Note: We recommend using 8.8.8.8 as your Primary server, and 8.8.4.4 as your Secondary server.

5. Tap Save.

What is a DNS rebinding attack?

A DNS rebinding attack is performed when a malicious website pretends that IP addresses (usually IPs reserved for local networks) are part of their domain. This allows them to circumvent the same-origin policy implemented by browsers and view data from these IP addresses.

A DNS rebinding attack can happen if someone using your network visits a malicious website that identifies your local IP address and deduces the structure of your local network. The malicious website could then bind their domains to the local IP address, send requests to devices on your network, and then read any responses to those requests. This could allow attackers to access some of your private information, or further compromise your network security.

Related article

Was this helpful?
How can we improve it?