Menu
What's new
By:
Filters Better Search

dhcpd: send empty WPAD with a carriage return

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Leave it on the default setting (which IIRC is yes). It's only relevant if you're using Windows 7.
 
Not entirely. But there are other non-configurable options set in dnsmasq that disallow a host on the LAN claiming wpad as it network name.
 
Jack-Sparr0w said:
would it be safer to turn off being used with a service like nord vpn on router. small home network with no work connections. this article has been scaring me https://www.thewindowsclub.com/how-to-disable-web-proxy-auto-discovery-wpad-in-windows
Click to expand...
Personally I wouldn't make those changes to my PC just because I was using a VPN. You're already sending all your browser data though the VPN service and trusting them with it. Preventing a hypothetical wpad interception in that circumstance seems a bit of a nonsense argument. If you're particularly concerned simply turning off Automatic Proxy Setup in your browser's settings would probably achieve the same thing. I'm not even sure that WPAD would work at all if the VPN client was running on the router rather than your PC.
 
Last edited:
This article says Man-in-the-middle attackers can abuse the WPAD protocol, The two researchers showed that some widely used VPN clients, like OpenVPN, do not clear the Internet proxy settings set via WPAD. This means that if attackers have already managed to poison a computer’s proxy settings through a malicious PAC before that computer connects to a VPN, its traffic will still be routed through the malicious proxy after going through the VPN. https://www.pcworld.com/article/415...ur-accounts-and-private-data-compromised.html
 
Jack-Sparr0w said:
This article says Man-in-the-middle attackers can abuse the WPAD protocol, The two researchers showed that some widely used VPN clients, like OpenVPN, do not clear the Internet proxy settings set via WPAD. This means that if attackers have already managed to poison a computer’s proxy settings through a malicious PAC before that computer connects to a VPN, its traffic will still be routed through the malicious proxy after going through the VPN. https://www.pcworld.com/article/415...ur-accounts-and-private-data-compromised.html
Click to expand...
Yes, I understand how WPAD works and it's vulnerabilities. You said you were concerned about WPAD when using NordVPN. The threat described by PCworld is not from NordVPN (or any other VPN provider):
...if attackers have already managed to poison a computer’s proxy settings through a malicious PAC before that computer connects to a VPN..
Click to expand...
The threat comes from your LAN having already been compromised. They are just saying that using a VPN client doesn't change that.
 
Last edited:
You must log in or register to reply here.

Similar threads

P
Send stats Division and Skynet to webhook or mqtt
Replies
0
Views
241
poudenes
P
T
Having some problems with my home network. Please Help!
Replies
3
Views
838
triggerh4ppy
T
commodoro
DDNS Custom check External IP and refresh if necessary
Replies
0
Views
97
commodoro
commodoro
C
AiCloud: Samba share folder contents empty only on main drive
Replies
0
Views
200
Ceejus
C
lluke
YazFi, ntpMerlin and guest network isolation
Replies
1
Views
667
bennor
B
Similar threads
Thread starter Title Forum Replies Date
P Send stats Division and Skynet to webhook or mqtt Asuswrt-Merlin AddOns 0
heysoundude amtm error - client_loop: send disconnect: Broken pipe Asuswrt-Merlin AddOns 2
T Diversion dnsmasq.log file empty Asuswrt-Merlin AddOns 19

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 902 (members: 19, guests: 883)
Top