Fing showing DHCP Proxy WPAD error running Merlin 388.1 on RT-AX86U

[jjones7791]

This is a longshot and apologies if this isn't the right group, but figured since I'm running Merlin it would work.

I use an application called Fing for network monitoring, basic stuff for the most part. However it has one check related to DHCP Proxy WPAD that is saying I have vulnerability, but I can't for the life of me figure out how or why this is showing. I don't use proxies on my network, so it seems this shouldn't be an issue. I'm really not sure at this point if it has anything to do with the router, as it may be a bug in the Fing software, but throwing it out there in case anyone has any ideas around this. I'm addressing this with Fing as well, but figured it won't hurt to ask for advice here. Thanks!

 

[ColinTaylor]

Does it give any more details as to what it thinks the problem is?

There is already protection against this WPAD vulnerability. You can check that it's enabled with this command:

# grep wpad /etc/dnsmasq.conf
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore

There's also an option in the GUI that can be toggled depending on which version of Windows you're running.

Tools - Other Settings > Advanced Tweaks and Hacks > dhcpd: send empty WPAD with a carriage return

@RMerlin Note the typo in the above text. The router uses dnsmasq not dhcpd.

 

[jjones7791]

@ColinTaylor thank you very much! Exactly what I needed! Getting the results above. So long as it's blocked, that's good enough for me. I don't need it, just want to make sure I'm not leaving some vulnerability open.

Also edit to answer your questions:

Does it give any more details as to what it thinks the problem is?

No, nothing. I've even opened a ticket with Fing, and I know others have as well and they have yet to advise what is causing it, or as I've asked, what process or checks they are implementing that is coming to this conclusion. But with what you shared I'm wondering if it's just saying this because WPAD is not allowed, but they have yet to elaborate.

There's also an option in the GUI that can be toggled depending on which version of Windows you're running.

Tools - Other Settings > Advanced Tweaks and Hacks > dhcpd: send empty WPAD with a carriage return

I did try that option, but didn't have any effect unfortunately. And I've tried using the Fing agent on both Win 10 and 11 and it has no effect.


@RMerlin thank you as well! Been using your build for years and can't say thank you enough! Donation sent!

 

[RMerlin]

@RMerlin Note the typo in the above text. The router uses dnsmasq not dhcpd.

It's not a typo, more that I wanted to specify that this setting affected the DHCP daemon (most people would associate dnsmasq with DNS resolution). I will need to reword the whole sentence if I change that to dnsmasq to specify that this parameter is related to the DHCP daemon.