Files ≈ Packet Storm

Files ≈ Packet Storm Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 10:35:58 GMT Packet Storm 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1611225536&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fpapers%2Fgeneral%2Fwpad_weakness_en.pdf%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1611225536.1338201358.1338201358.1338201358.1%3B%2B__utmz%3D32867617.1338201358.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) Microsoft WPAD Technology Weaknesses http://packetstormsecurity.org/files/77949/wpad_weakness_en.pdf http://packetstormsecurity.org/files/77949/wpad_weakness_en.pdf http://packetstormsecurity.org/files/77949/Microsoft-WPAD-Technology-Weaknesses.html Sat, 30 May 2009 14:36:20 GMT WPAD (Web Proxy Auto Discovery) is a method used by web clients to automatically locate a browser configuration file used to connect through a proxy. Successful attacks on WPAD guarantees attackers full access on user data sent to the Internet which could allow theft of critical data like passwords or credit card numbers. WPAD potential danger depends on two factors: default configuration and weak awareness among users. In this article they discuss WPAD architecture and its many functioning principles in home and corporate networks, real examples of attacks and give recommendations for ordinary users and system administrators that allow reducing attack consequences.