Dailydave mailing list archives
Re: NSRL status check
From: Gadi Evron <ge () linuxbox org>
Date: Mon, 11 Dec 2006 15:07:01 -0600 (CST)
On Mon, 11 Dec 2006 dan () geer org wrote:
The National Software Reference Library has or had a listing of the hash values for known good software, known good in the sense of what is on installation media or what otherwise still has its integrity intact. I say "has or had" as on first glance it appears that this listing is stationary since sometime in 2004. Would someone here know the history and fate of this list? On the face of it such a list seems useful in forensic situations at least.
Zone Labs (now CheckPoint) has their own listing. They whitelist known programs. "X per cent of our users believe this program is good". That way people can make more educated decisions on programs which want to connect to the Internet. Blacklisting bad files is not practical, or it would be yet another almost useless anti virus. Naturally, this has a lot of applications. Gadi.
--dan _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- NSRL status check dan (Dec 11)
- Re: NSRL status check Gadi Evron (Dec 12)
- Re: NSRL status check Joanna Rutkowska (Dec 12)
- Re: NSRL status check Kevin Stadmeyer (Dec 12)
- <Possible follow-ups>
- Re: NSRL status check Holt Sorenson (Dec 12)
- Re: NSRL status check Lance Spitzner (Dec 12)
- Re: NSRL status check Joanna Rutkowska (Dec 12)