Security Basics mailing list archives
Re: How to categorize 'desktop application firewalling'?
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 13 Jul 2005 19:57:09 +0200
On 2005-07-12 Bill Stout wrote:
I'm the IT department for our company, and I'm trying to figure out how to simply categorize and describe our software. Here's the complicated description: Our software protects Windows local system resources and the local network from an application process accessing untrusted content. It's like placing latex around the application that opens untrusted content. What it means is, processes launched in our protected environment do not have the ability to; modify the registry, files on disk or the local network. It also adds confidentiality by blocking processes accessing Internet content from read access to 'My Documents', local network shares, etc. Nearly any process can be launched in this space, but it does it automatically for just IE and Outlook. Currently the software automatically detects if IE or Outlook is attempting to access content from outside the defined network and re-launches an application process in the controlled space. The result is that with the software installed, you can purposely attempt to install spyware or viruses through IE or Outlook and it doesn't infect the machine. All the above is really difficult to explain quickly, and we end up describing it as anti-virus/anti-spyware software, although we don't recommend throwing existing software out. Would anyone have a simpler way of explaining something that firewalls desktop applications from local resources?
The word you're looking for is "sandbox". Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- How to categorize 'desktop application firewalling'? Bill Stout (Jul 13)
- Re: How to categorize 'desktop application firewalling'? Ansgar -59cobalt- Wiechers (Jul 18)
- <Possible follow-ups>
- RE: How to categorize 'desktop application firewalling'? Gaydosh, Adam (Jul 18)
- RE: How to categorize 'desktop application firewalling'? Bill Stout (Jul 18)