Prevx & Google ?

Do any of our Prevx apps in ANY way/s whatsoever make contact with Google for Any reason/s ?

TIA

 

No, the only query you could possibly see for Google would be if Prevx was running a DNS query on a Google address to ensure it is legitimate. Other than that, there isn't any communication with anything related to Google

 

Originally Posted by PrevxHelp

How exactly would Prevx decide if something might not be Google, to then want to check ? Can you give an instance please ?

 

I'm not sure I understand the question. SafeOnline performs a DNS check on visited websites so if you visit Google, SafeOnline will check it (which would show as traffic related to Google if you're logging traffic from a firewall, for example). Other than that, there isn't anything else.

 

This will give more info at what CloneRanger is at https://www.wilderssecurity.com/showthread.php?t=285609

TH

 

@ Triple Helix

Yes, thanks for the link

*

You said,

So i asked,

"How exactly would Prevx decide if something might not be Google, to then want to check ?"

But now you've posted the following i understand more

1 - So PSOL checks EVERY www we visit ?

2 - With who does it check ?

3 - Does our PSOL app save logs of ANY of these www's locally, if so are they uploaded and/or accessed at ANY time by your server/s ?

4 - Does your server/s store ANY such www visits of ours at all ?

TIA

 

SafeOnline does perform checks on every visited website to ensure they aren't malicious and that they are being resolved properly within your DNS (without having any poisoned results).

We have a large set of heuristics as well as a conventional blacklist (although the effectiveness of a blacklist against phishing/malicious websites is questionable )

No, nothing persists or is stored centrally.

Hope that helps!

 

Hi

I thought a database of bad www's was loaded/updated into our app, and then it compared our visited www's against them. But i now realise that's not the case !

I don't like this approach I think it would be MUCH better if we had an option in the GUI to enable/disable this "feature"

Well that's good

Partially

 

It doesn't only check if the www is malicious but also the IP and compares it against the one provided by your DNS to make sure it isn't poisoned by a MitM attack. Thus if you would want a local database then it would need to be a huge database consisting of all websites in the world, which is of course totally impractical. So the request for every website is a 'necessary evil.'

 

@ BoerenkoolMetWorst

Thanks for your explanations