whitelist – Page 7 – WindowsTechs.com

How do I setup SELinux to act a as a true whitelisting solution?

Posted on March 22, 2017 by IguyKing

I am working on an appliance device running Linux. I would like to utilize the work done so far with the targeted policy in SELinux space. Since I own everything that should be installed and running on this system I will kn… Continue reading How do I setup SELinux to act a as a true whitelisting solution?→

Network Defense- White listing IPs/Ports

Posted on March 5, 2017 by userJoe

If I had a typical home user machine (google, email, youtube, no ssh/ftp, etc…) that had a dynamic iptables white-list that was dynamically updated with IP addresses that have been legitimately been launched and blocked all… Continue reading Network Defense- White listing IPs/Ports→

If LDAP credentials are leaked, is IP whitelist still sufficient protection?

Posted on February 9, 2017 by vikrantislav

In a situation where LDAP credentials get leaked but there is still an IP whitelist in place…

My gut feeling says this isn’t right; the credentials should be changed. Is this correct? What technical details can help me imp… Continue reading If LDAP credentials are leaked, is IP whitelist still sufficient protection?→

What resources/organizations should we submit applications to for testing, to prevent Anti-Virus "False-Positives?"

Posted on September 18, 2016 by XaolingBao

A friend’s company just released an application recently, which received a false-positive warning with Norton AV from a client.

He found something on Norton’s website that I believe he said was a form, and then he said that after submitting the form he was asked to download some application…?? He said he quickly left the page, but the issue of the false-positive is still there.

I had found a couple of sites that I think will help him, but not sure if they are complete solutions.

First is the Kaspersky Whitelist

http://whitelist.kaspersky.com/whitelist_program

Which mentions

To reduce the risk of a Partner’s software being wrongly classified as
malicious – known as false positive detections;

To ensure a positive experience for users when they download and use
Partner’s and Kaspersky Lab software;

Verified compatibility with the actual configurations of antivirus protection offered by Kaspersky Lab; Reduced risk of false alarms generated by antivirus protection in the event of non-standard behavior of the Partner’s software;

The thing is… Does this work with just Kaspersky Applications, or do other Anti-Virus applications/Whitelists get this information?

Then I found “VirusTotal,” which I’ve heard mentioned in the past on here (I think), but I didn’t look into it to much. Virus-Total mentions it scans applications with over “40 different Anti-Virus Applications,” but I didn’t see a mention of any “Whitelist,” so I’m not sure this is a site for a whitelisting applications.

So my questions are.

Is there a recommended place for developers to upload their applications, for testing, so that the applications can be added to whitelists for most, if not all AV applications?
Was there anything to worry about by downloading that Norton program? I’m assuming it would ask you to provide the application for testing inside the program, but it’s weird to both of us that it would be downloaded to test, and not you uploading the application… I know there are a lot of people who distrust Norton, so I figured I would ask how others feel about this weird situation hew as in.

Thanks.

Continue reading What resources/organizations should we submit applications to for testing, to prevent Anti-Virus "False-Positives?"→

How effective is MAC whitelisting on a Wireless Access Point?

Posted on July 6, 2016 by Lutefisk

For the sake of context, let’s say I set up my home router with WPA2, a strong passphrase and I whitelisted all of my devices.

I know the data is encrypted, but is the layer 2 header encrypted as well? Ultimately, is it po… Continue reading How effective is MAC whitelisting on a Wireless Access Point?→

Firefox 47 Fixes 13 Vulnerabilities, Removes Click-To-Activate Plugin Whitelist

Posted on June 8, 2016 by Chris Brook

Mozilla fixed 13 security issues, including two critical vulnerabilities that could have led to spoofing and clickjacking, among other issues, when it updated Firefox to the latest build, Firefox 47, this week.
Continue reading Firefox 47 Fixes 13 Vulnerabilities, Removes Click-To-Activate Plugin Whitelist→

A first shot at false positives

Posted on February 10, 2015 by Emiliano Martinez

Every so often an antivirus detecting a legitimate file hits the headlines, this usually happens when a given vendor mistakenly marks as malicious a file belonging to a widespread software package, for example, a key operating system file.These mistake… Continue reading A first shot at false positives→

A first shot at false positives

Posted on February 10, 2015 by Emiliano Martinez

Is blocking a country’s access to a website a good measure to avoid hackers from that country?

Posted on November 3, 2014 by Luis Arriojas

I am located in Venezuela right now, and for the whole weekend have been unable to access grubhub.com and seamless.com.

Finally, I tried using the Tor Browser and got access. The same thing happened in January when I tried to access the p… Continue reading Is blocking a country’s access to a website a good measure to avoid hackers from that country?→

Lua loadstring, whitelisting against injection

Posted on August 22, 2013 by Lyndon White

I need to take input from the user of a simple bit of math, they want to solve.
Rather than parse there input myself, I want to just use the lua, loadstring function to load their input and evaluate it.

But I don’t want to let them execut… Continue reading Lua loadstring, whitelisting against injection→