Guys/Gals, how effective are "white listing" security apps?

Discussion in 'other anti-malware software' started by zopzop, Jan 29, 2007.

Thread Status:
Not open for further replies.
  1. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    632
    By "white listing" apps I mean stuff like Exe lockdown :
    http://www.horizondatasys.com/169602.ihtml

    How effective are they really? A few questions I have are :
    What if I'm visiting a website that attempts a "drive-by" download?
    What about stuff like SONY DRM rootkits that attempt to install from a CD/DVD?
    What about things that are not exe's but run if you click them like .reg files or scripts?
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
  3. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    632
    thanks for the link. it seems that these things (white listing apps) are incredibly useful. one last question remains though. how are they vs non executables? what happens if you click a .reg file or a script (like .js)? or are those counted as executables?
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I think that scripts are counted as executables. Ask Rmus (he´s the guy who made the tests in the link posted above) about this.
    Needless to say, pure whitelisting apps. are good for static systems.
     
  5. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Hmmm, Linkscanner Pro didn't like that link.

    muf
     

    Attached Files:

  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    False positive :)
    It´s a site that talks about computer security. Check the home.
     
Loading...
Thread Status:
Not open for further replies.