Discussion in 'Prevx Releases' started by CloneRanger, Oct 31, 2010.
Do any of our Prevx apps in ANY way/s whatsoever make contact with Google for Any reason/s ?
No, the only query you could possibly see for Google would be if Prevx was running a DNS query on a Google address to ensure it is legitimate. Other than that, there isn't any communication with anything related to Google
Originally Posted by PrevxHelp
How exactly would Prevx decide if something might not be Google, to then want to check ? Can you give an instance please ?
I'm not sure I understand the question. SafeOnline performs a DNS check on visited websites so if you visit Google, SafeOnline will check it (which would show as traffic related to Google if you're logging traffic from a firewall, for example). Other than that, there isn't anything else.
This will give more info at what CloneRanger is at https://www.wilderssecurity.com/showthread.php?t=285609
@ Triple Helix
Yes, thanks for the link
So i asked,
"How exactly would Prevx decide if something might not be Google, to then want to check ?"
But now you've posted the following i understand more
1 - So PSOL checks EVERY www we visit ?
2 - With who does it check ?
3 - Does our PSOL app save logs of ANY of these www's locally, if so are they uploaded and/or accessed at ANY time by your server/s ?
4 - Does your server/s store ANY such www visits of ours at all ?
SafeOnline does perform checks on every visited website to ensure they aren't malicious and that they are being resolved properly within your DNS (without having any poisoned results).
We have a large set of heuristics as well as a conventional blacklist (although the effectiveness of a blacklist against phishing/malicious websites is questionable )
No, nothing persists or is stored centrally.
Hope that helps!
I thought a database of bad www's was loaded/updated into our app, and then it compared our visited www's against them. But i now realise that's not the case !
I don't like this approach I think it would be MUCH better if we had an option in the GUI to enable/disable this "feature"
Well that's good
It doesn't only check if the www is malicious but also the IP and compares it against the one provided by your DNS to make sure it isn't poisoned by a MitM attack. Thus if you would want a local database then it would need to be a huge database consisting of all websites in the world, which is of course totally impractical. So the request for every website is a 'necessary evil.'
Thanks for your explanations
Separate names with a comma.