On Wed, 7 Oct 2009, Joseph Kern wrote: > Does anyone have experience with using application whitelisting on > user workstations? This would be used instead of anti-virus.
the problem with doing this _instead_ of AV is that many vunerabilities come through 'data' files, and then go on to infect legitimate files. so just whitelisting isn't going to be enough, you are going to also need to do tamper detection (tripwire or equivalent) you also are going to have to figure out how to deal with users wanting to install things like browser toolbars and plugins. David Lang > Any help or opinions will be most welcome. I am interested in doing a > few experiments, and comparing different products. I want to test the > complexity and viability of using a whitelist on a single workstation > instead of an AV product that needs updating. > > It seems to be hard even locating free demos of any software. I've > been googling around a bit, but real opinions are more valuable than > white papers. > > 1. What whitelisting applications have you tried? > 2. What did you like? > 3. What did you dislike? > > Thanks. > > -- Joseph Kern > _______________________________________________ > Discuss mailing list > [email protected] > http://lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ > _______________________________________________ Discuss mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
