Web proxy auto discovery protocol (WPAD) is a method which is basically used by the
clients for locating the URL of a configuration file with the help of DHCP or the DNS discovery methods. So, once the detection and the download of the configuration file is completed then the same can be executed so that the proxy for a specified URL is determined. The WPAD protocol allows the outlining of the location of the discoverable file which is deployed in the configuration of the file format which is in the Proxy auto configuration which is basically developed by the Netscape for the Netscape Navigator. WPAD is basically documented in the internet draft which got phased out in the late 1999 but still the WPAD still supports the majority of the browsers which was first started in Internet Explorer 5.
If the same proxy policy has to be supplied to all of them then the configuration of each browser can be done manually even without configuring each browser manually as both the technologies are required. With the help of the Proxy auto configuration, one can create, publish one central proxy configuration tool and the WPAD standard ensures that an organizations browser will find this file without the manual configuration. The WPAD standard defines two different alternative methods with the help of which the system administrator can use the publishing location of the proxy configuration tool with the help of the DHCP and with the help of the DNS.
Basically, even before the fetching of the first page is done, this sends the local DHCP server which is basically the DHCPINFORM query and then it uses the URL from the WPAD options in the servers reply. If the DHCP server doesnt provide the desired information then the DNS is used. If the DHCP server doesnt provide the desired information then DNS is used.
If we talk of security in the WPAD then, through the WPAD file, the attacker can point users browsers to their own proxies and intercept and modify all of WWW traffic. WPAD protocol configuration is very sensitive to the security threats as with a simple and small mistake it can open the doors for the attackers and becomes easier for them to change for what it appears on the website.