Practical audit advice you can use today.
# 22 : Man in the Middle with DNS Spoofing and WPAD - How To
How hard is it for someone to insert a proxy between you and the rest of the Internet without you knowing? Will running a Mac or Linux protect you?

In this episode we combine the concepts from Episode 20 with the WPAD style attack that was discussed back in Episode 17, creating a quick and easy how-to when it comes to creating a man in the middle attack that will work against any system that has Automatic Proxy Discovery enabled.

This feature is sometimes thought to be a Windows specific issue, but as we demonstrate here by transparently creating a man in the middle proxy for a Mac, it really does apply everywhere. There are just a few simple pieces that you need to accomplish this attack and there are some quick and easy things that you can do to defend yourself or that you can look for during an audit.

For more details and a link to the source code, please check the Blog article here:

http://it-audit.sans.org/blog/2011/11/09/it-security-audit-what-about-wpad/ Screencast_icon

View All