Is it possible to filter (*.)wpad.* with RPZ?

Grant Taylor gtaylor at tnetconsulting.net
Wed Nov 29 18:12:47 UTC 2017


Is it possible to filter (*.)wpad.* with RPZ?  Or do I need to look into 
Response Policy Service and try to filter that way?

I've used RPZ for various different things over the years, but I don't 
quite know how to match a wild card on the right hand side.

Context:  I'd like to prevent ""misconfigurations like the following and 
I was hoping that RPZ could be utilized:

Link - Anybody else having issues with wpad.domain.name?
  - 
https://www.reddit.com/r/networking/comments/732r5n/anybody_else_having_issues_with_wpaddomainname/

Link - Alert (TA16-144A) WPAD Name Collision Vulnerability
  - https://www.us-cert.gov/ncas/alerts/TA16-144A



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171129/7d48b390/attachment.bin>


More information about the bind-users mailing list