Tag: dns

Web Proxy Autodiscovery Protocol (WPAD)

If you take a close look at your logs you may occasionally see requests for a file named wpad.dat. This file is related to automatic proxy configuration in many browsers.

To provide this capability to your users and website,

  1. DNS:

    Default behavior is to traverse the domain in reverse, looking for one with a file named /wpad.dat

    Example (using my domain for example):
    wpad.www.giantgeek.com
    wpad.giantgeek.com
    wpad.com

  2. Then in httpd.conf, set the MIME type:
    AddType application/x-ns-proxy-autoconfig .pac
  3. Also in httpd.conf, add a redirect to the actual file you wish to use.
    Redirect permanent /wpad.dat http://www.giantgeek.com/proxy.pac
  4. In the new file, add the following default contents, modify if you use a proxy:

    /* 'proxy.pac' - This is the main function called by any browser
    NOTE: there is NO proxy!
    */
    function FindProxyForURL(url, host)
    {
    return “DIRECT”;
    } // End function FindProxyForUrl

REFERENCES:

Dotless IP Address

This is a concept I had forgotten about until recently, it can often serve as a simple means of code obfuscation and is also sometimes referred to as “Decimal Address”.

Some background:

  • DNS is used to convert a URL/domain name into an IP address that is used to contact the remote machine.
    EXAMPLES:
    localhost = 127.0.0.7
    giantgeek.com = 99.138.127.198
  • IP addresses (as IPv4) are represented as groups of 4 hexadecimal or decimal octets.
  • Those numbers can be plugged into a simple formula to be represented as a single large integer.

As such, you can use the following as equivalents:

  • http://localhost
  • http://127.0.0.1
  • http://2130706433

REFERENCES:

Private Caching/Relay DNS Server

Since I’ve run a few small websites (like this one) out of my home for years, I’ve found it useful to run a DNS server inside of my firewall. Not only does this make it easier to maintain the websites, but it allows me to lock down security and increase performance of many of my applications.

I run a the following services that use DNS:

  • Apache JAMES – mail server that does lookups to send email and filter inbound SPAM.
  • Analog – web server log analysis.
  • Apache HTTPD – web server, used to host websites, private domains used for internal purposes.

To make things more efficient, I currently have my DNS setup to forward all requests to OpenDNS, allowing for ‘adult’ website filters and analysis of DNS activity.

Some open-source/free DNS servers that I recommend:

Cheers!

OpenDNS

I’ve used EveryDNS (free service) for years to host my DNS services.    Recently I found that they now offer public DNS service for lookups as OpenDNS.   While I still run my own private DNS server for caching and various private addresses.  I now do a simple forward lookup to their servers to gain the extra services they provide… notably Phishing  and typo protection.

Setup is very simple for most users, and even a non-technical person should have no problems following their installation instructions for a single computer/device or an entire network.
Happy networking!!!