Educause Security Discussion mailing list archives
Re: Spider scripts?
From: Mike Lococo <mike.lococo () NYU EDU>
Date: Wed, 29 Apr 2009 18:00:58 -0400
1) Try Spider 4 (2008), it moves from a filetype blacklist to a filetype whitelist. By scanning only likely document types (word, excel, pdf, email, etc), FP's are cut way down.Useful in a crunch, but we've seen sensitive data show up in unusual places, so you are going to be reducing visibility with this setting.
True, I did try to note that each of the practices I described has a cost in terms of the comprehensiveness of the scan. If unacceptable false-positive rates are keeping a project from getting off the ground, they are all reasonable trade-offs though. It's relatively easy to turn up the sensitivity on a regular scan once you've gotten started, but much harder to recover from negative experiences with FP's in pilot scans. - Mike
Current thread:
- Spider scripts? Theresa Semmens (Apr 29)
- <Possible follow-ups>
- Re: Spider scripts? Mike Lococo (Apr 29)
- Re: Spider scripts? Baumstein,Avi H (Apr 29)
- Re: Spider scripts? Sarazen, Daniel (Apr 29)
- Re: Spider scripts? Curt Wilson (Apr 29)
- Re: Spider scripts? Eric Case (Apr 29)
- Re: Spider scripts? Mike Lococo (Apr 29)
- Re: Spider scripts? Brad Judy (Apr 30)
- Re: Spider scripts? randy marchany (Apr 30)
- Re: Spider scripts? Mike Lococo (Apr 30)