Prevx & Google ?

Discussion in 'Prevx Releases' started by CloneRanger, Oct 31, 2010.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Do any of our Prevx apps in ANY way/s whatsoever make contact with Google for Any reason/s ?

    TIA
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    No, the only query you could possibly see for Google would be if Prevx was running a DNS query on a Google address to ensure it is legitimate. Other than that, there isn't any communication with anything related to Google :)
     
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Originally Posted by PrevxHelp

    How exactly would Prevx decide if something might not be Google, to then want to check ? Can you give an instance please ?

    :thumb:
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I'm not sure I understand the question. SafeOnline performs a DNS check on visited websites so if you visit Google, SafeOnline will check it (which would show as traffic related to Google if you're logging traffic from a firewall, for example). Other than that, there isn't anything else.
     
  5. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
  6. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ Triple Helix

    Yes, thanks for the link :thumb:

    *

    You said,

    So i asked,

    "How exactly would Prevx decide if something might not be Google, to then want to check ?"

    But now you've posted the following i understand more

    1 - So PSOL checks EVERY www we visit ? :eek:

    2 - With who does it check ?

    3 - Does our PSOL app save logs of ANY of these www's locally, if so are they uploaded and/or accessed at ANY time by your server/s ?

    4 - Does your server/s store ANY such www visits of ours at all ?

    TIA
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    SafeOnline does perform checks on every visited website to ensure they aren't malicious and that they are being resolved properly within your DNS (without having any poisoned results).

    We have a large set of heuristics as well as a conventional blacklist (although the effectiveness of a blacklist against phishing/malicious websites is questionable :))

    No, nothing persists or is stored centrally.

    Hope that helps!
     
  8. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Hi

    I thought a database of bad www's was loaded/updated into our app, and then it compared our visited www's against them. But i now realise that's not the case !

    I don't like this approach :( I think it would be MUCH better if we had an option in the GUI to enable/disable this "feature" :thumb:

    Well that's good :)

    Partially ;)
     
  9. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    It doesn't only check if the www is malicious but also the IP and compares it against the one provided by your DNS to make sure it isn't poisoned by a MitM attack. Thus if you would want a local database then it would need to be a huge database consisting of all websites in the world, which is of course totally impractical. So the request for every website is a 'necessary evil.' :p
     
  10. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ BoerenkoolMetWorst

    Thanks for your explanations :thumb:
     
Thread Status:
Not open for further replies.