Educause Security Discussion mailing list archives

Re: Spider scripts?


From: Mike Lococo <mike.lococo () NYU EDU>
Date: Wed, 29 Apr 2009 18:00:58 -0400

1) Try Spider 4 (2008), it moves from a filetype blacklist to a filetype
whitelist.  By scanning only likely document types (word, excel, pdf,
email, etc), FP's are cut way down.

Useful in a crunch, but we've seen sensitive data show up in unusual
places, so you are going to be reducing visibility with this setting.

True, I did try to note that each of the practices I described has a
cost in terms of the comprehensiveness of the scan.  If unacceptable
false-positive rates are keeping a project from getting off the ground,
they are all reasonable trade-offs though.  It's relatively easy to
turn up the sensitivity on a regular scan once you've gotten started,
but much harder to recover from negative experiences with FP's in pilot
scans.

- Mike
