lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200905291559.n4TFxJQ7001179@www3.securityfocus.com>
Date: Fri, 29 May 2009 09:59:19 -0600
From: srublev@...ecurity.ru
To: bugtraq@...urityfocus.com
Subject: (whitepaper) Microsoft WPAD Technology Weaknesses [PTResearch Team]


WPAD (Web Proxy Auto Discovery) is a method used by web clients to automatically
locate a browser configuration file used to connect through proxy.

Successful attack on WPAD guarantees attackers full access
on user data sent to Internet which could allow stealing critical data like passwords or
credit card numbers. WPAD potential danger depends on two factors: default
configuration and weak awareness among users.

In this article we discuss WPAD architecture and its many functioning principles in home
and corporate networks, real examples of attacks and give recommendations for ordinary
users and system administrators that allow reducing attack consequences.

Whitepaper:

http://www.securitylab.ru/_download/articles/wpad_weakness_en.pdf

Simple Freeware Network Checker to detect potentially dangerous entries in DNS and WINS name servers:

http://www.securitylab.ru/news/extra/380522.php
Direct url:
http://www.ptsecurity.ru/download/wpadcheck_en.zip


Notes:
* The utility does not recognize DNS and WINS services so do not scan hosts without this services – it is useless;
* .NET Framework. Is required for the utility.

---
I hope this is helpful.

Sergey

---------------------------
About Positive Technologies

Positive Technologies www.ptsecurity.com is among the key players in the IT security market in Russia.
The principal activities of the company include the development of integrated tools for information security monitoring (MaxPatrol); providing IT security consulting services and technical support; the development of the Securitylab en.securitylab.ru leading Russian information security portal.

PTResearch Lab:
http://en.securitylab.ru/lab/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ