cuw44 0 Posted August 12, 2019 Share Posted August 12, 2019 (edited) Hi I have read recently very bad things about WPAD vulnerability for example here nakedsecurity.sophos.com/2016/05/25/when-domain-names-attack-the-wpad-name-collision-vulnerability/ (article from 2016) or here blog.redteam.pl/2019/05/badwpad-dns-suffix-wpad-wpadblocking-com.html (article from 2019) How to defend against it? If I only use wifi only from my home network, am I also at risk? Should I disable it? Thanks in advance Edited August 12, 2019 by cuw44 Link to comment Share on other sites More sharing options...
itman 1,746 Posted August 12, 2019 Share Posted August 12, 2019 (edited) The simplest solution for this assuming you're not using a proxy connection is to do what U.S.-CERT recommends: Quote Solution US-CERT encourages users and network administrators to implement the following recommendations to provide a more secure and efficient network infrastructure: Consider disabling automatic proxy discovery/configuration in browsers and operating systems unless those systems will only be used on internal networks. https://www.us-cert.gov/ncas/alerts/TA16-144A In Win 10, turn off all proxy settings as shown in the below screen shot: As far as browsers go, almost all are set by default to use OS proxy settings. Edited August 12, 2019 by itman cuw44 1 Link to comment Share on other sites More sharing options...
cuw44 0 Posted August 13, 2019 Author Share Posted August 13, 2019 Thanks! Link to comment Share on other sites More sharing options...
Recommended Posts