funsec mailing list archives

Re: Texas Bank Dumps Antivirus for Whitelisting

From: Florian Weimer <fweimer () bfk de>
Date: Tue, 22 Jul 2008 09:57:23 +0200

* Alex Eckelberry:

I dislike whitelisting.  Certainly practical for data entry clerks and
the like, but I suspect it becomes a royal PITA when you get into other
types of users.  Plus managing software updates, etc.


You should insist on AuthentiCode signatures from your vendors.  After
that, you only need to maintain a list of vendors.

(It doesn't help against exploits which don't use files as vectors, of
course.  But AV has lots of trouble with that, too.)

-- 
Florian Weimer                <fweimer () bfk de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 15)
- Re: Texas Bank Dumps Antivirus for Whitelisting Alex Eckelberry (Jul 15)
  - Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 15)
  - Re: Texas Bank Dumps Antivirus for Whitelisting Chris Blask (Jul 15)
  - Re: Texas Bank Dumps Antivirus for Whitelisting Florian Weimer (Jul 22)
    - Re: Texas Bank Dumps Antivirus for Whitelisting Alex Eckelberry (Jul 22)
    - Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 22)
- Message not available
  - Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 15)
    - Re: Texas Bank Dumps Antivirus for Whitelisting Nick FitzGerald (Jul 15)
    - Re: Texas Bank Dumps Antivirus for Whitelisting Drsolly (Jul 16)
    - Re: Texas Bank Dumps Antivirus for Whitelisting David Harley (Jul 16)
    - Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 16)
    - Re: Texas Bank Dumps Antivirus for Whitelisting Alex Shipp (elist) (Jul 16)
    - Re: Texas Bank Dumps Antivirus for Whitelisting Richard M. Smith (Jul 16)
    - Re: Texas Bank Dumps Antivirus for Whitelisting Drsolly (Jul 16)

(Thread continues...)