Dailydave mailing list archives
How is this WPAD redirect even a "hack"?
From: "George Ou" <george_ou () lanarchitect net>
Date: Mon, 26 Mar 2007 22:42:15 -0700
http://securitywatch.eweek.com/microsoft_warns_of_windows_network_hack.html How is this even a "hack"? If someone pwned your DNS, WINS, or DHCP (rogue), they freaking own the entire layer 2 and they own your whole world. WPAD proxy hijack is the last of your worries. Am I missing something here? The following statement is very surprising and questionable. "An attacker could register a WPAD entry in the DNS (Domain Name System) or in WINS (Windows Internet Naming Service) that resolves to a host with a malicious WPAD.dat file." Is Ms. Vaas suggesting that any plain old user can register a WPAD entry in to a corporate DNS server? Or is she missing the fact that you need administrative access to the DNS or WINS server. That totally sounds bogus to me and I'd be shocked if you can anonymously add a WPAD entry in to MS DNS or WINS. If this is bogus, it's kind of like saying I can own your UNIX box if you give me SSH access and the root password. George Ou _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- How is this WPAD redirect even a "hack"? George Ou (Mar 27)
- Message not available
- Message not available
- Re: How is this WPAD redirect even a "hack"? James (njan) Eaton-Lee (Mar 27)
- Message not available
- Message not available
- Re: How is this WPAD redirect even a "hack"? Ronald L. Rosson Jr. (Mar 27)
- Re: How is this WPAD redirect even a "hack"? James (njan) Eaton-Lee (Mar 28)
- <Possible follow-ups>
- Re: How is this WPAD redirect even a "hack"? James (njan) Eaton-Lee (Mar 27)
- Re: How is this WPAD redirect even a "hack"? McGean, Joseph (Mar 27)
- Re: How is this WPAD redirect even a "hack"? george_ou (Mar 28)
- Re: How is this WPAD redirect even a "hack"? Steve Shockley (Mar 31)