View Full Version : Guys/Gals, how effective are "white listing" security apps?
zopzop
January 29th, 2007, 12:46 PM
By "white listing" apps I mean stuff like Exe lockdown :
http://www.horizondatasys.com/169602.ihtml
How effective are they really? A few questions I have are :
What if I'm visiting a website that attempts a "drive-by" download?
What about stuff like SONY DRM rootkits that attempt to install from a CD/DVD?
What about things that are not exe's but run if you click them like .reg files or scripts?
lucas1985
January 29th, 2007, 02:05 PM
Link (http://www.urs2.net/rsj/computing/tests/Anti-Exec/index.html) :)
zopzop
January 29th, 2007, 03:12 PM
thanks for the link. it seems that these things (white listing apps) are incredibly useful. one last question remains though. how are they vs non executables? what happens if you click a .reg file or a script (like .js)? or are those counted as executables?
lucas1985
January 29th, 2007, 03:38 PM
I think that scripts are counted as executables. Ask Rmus (he´s the guy who made the tests in the link posted above) about this.
Needless to say, pure whitelisting apps. are good for static systems.
muf
January 29th, 2007, 04:13 PM
-{ Quote: "Link (http://www.urs2.net/rsj/computing/tests/Anti-Exec/index.html) :)" }-
Hmmm, Linkscanner Pro didn't like that link.
muf
lucas1985
January 29th, 2007, 04:25 PM
False positive :)
It´s a site that talks about computer security. Check the home (http://www.urs2.net/rsj/).
vBulletin® Copyright ©2000-2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums