Discussion in 'WormGuard' started by Rilla927, Aug 23, 2005.
Are there any additional extensions that I can add to WG?
Hi Rilla, did you see this recent thread:
Hi Jooske, yes I did see that thread. I mean't extensions that would be threat beside's the default one's.
The extensions given in that thread are all a potential danger, that is why they were included.
Some are rather rare, like .SWF viruses, but you can see why it could be a threat by looking here:-
One I forgot to include on my list, though it was mentioned elsewhere, was .SCR; you can see why that would be relevant here:-
You will have to go through each extension on the list, in turn, and see for yourself whether you consider it worth including; I don't suppose anyone else will bother to do that job for you!
If you just want the really important ones, you have them in the default list!
here a list someone suggested for a different script program. havent tried with wormguard tho:
Interesting, WS. I see you have .DLL on the list. Are there not a LOT of good .DLL files used by just about all Windows programs?
i never rele checked the list, i just copied from this thread.
How is one supposed to get information if they get beat up for asking.
I don't think TopperID was intending that! He and I both posted to the thread referenced by Jooske, and you will notice that there is a long list of script filetypes that potentially are dangerous, that is, any script filetype *could* execute malicious code.
Some decisions are best made individually. For instance, I don't include *.bat in the block list because I have so many of those files that I run on a regular basis, and I don't include them in the trusted list because WG cautions against having too many files in the list.
See also post #4 in that thread where WG will alert to *any* script whether or not it's on the blocked list. Blocked means it's not permitted to run, and you have no option otherwise.
If not on the blocked list, WG alerts and gives you the option what to do.
So, even if a filetype is not on the blocked list, you are protected because WG monitors all script filetypes
This is a block list I helped set up for a friend. It's similar to what's been posted before, and some are already on the default list:
.BAT .HTA .JS .JSE .MDE .PIF .REG .SCT .SHA .SHB .SHS .VB .VBE .VBS
If you use MS Access, you would want to put your .mde files in the trusted list - this is a decision that only you can make.
One thing that helps, and is very infomative, is to know what the different filetypes are. Here is a good list that includes descriptions of the above:
Potentially Dangerous File Types
This is an information list, not a block list: You wouldn't want to block many described here - for instance, .doc (Word document) if you use MSWord. But WormGuard will alert if there is a macro contained in the file, so you are protected.
The WormGuard Help file is also useful, especially about macro protection.
If you want more information on any filetype you are considering, you can search for it specifically, or post it here and someone can help.
The time spend learning about these filetypes makes us more knowledgeable about how our computer operates.
~~Be ALERT!!! ~~
The first four files on that list are technically executables and not script types, so WG wouldn't monitor them.
~~Be ALERT!!! ~~
Thanks Rmus, for explaining my position better than I managed to!
The previous poster, in the other thread, had requested a comprehensive list of file types, from which to select, which is what I attempted to provide. I merely meant that it would not be possible to select from the list to match another person's requirements and they would have to do that for themselves, since they are the only ones who know what those requirements might be!.
Separate names with a comma.