Educause Security Discussion mailing list archives
Re: What's wrong with application whitelisting?
From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Tue, 6 Apr 2010 08:12:34 +1200
As Joel says there is nothing wrong with whitelisting and we are looking at it for our labs (at least those where students are not doing program development) and for our administrative systems. It is the old case of horses for courses. I also agree that it is complementary to traditional AV not a substitute. As others have pointed out whitelisting works well in static environments -- where the corporate desktop rules :) for your average academic or grad student it is largely unworkable since they are forever trying out new stuff or actually doing development. Needing outside intervention to install something would really interfere with legitimate activity. I have one question about whitelisting since I have never actually worked with any of the systems: How do they deal with apps written in interpretive languages? If they just white list the interpreter then this seems like a big loophole -- thinking of the perl based botnets in the UNIX world... Russell
Current thread:
- What's wrong with application whitelisting? Watkins, Lewis (Apr 05)
- <Possible follow-ups>
- Re: What's wrong with application whitelisting? Gibson, Nathan J. (HSC) (Apr 05)
- Re: What's wrong with application whitelisting? John Ladwig (Apr 05)
- Re: What's wrong with application whitelisting? Basgen, Brian (Apr 05)
- Re: What's wrong with application whitelisting? Joel Rosenblatt (Apr 05)
- Re: What's wrong with application whitelisting? Russell Fulton (Apr 05)
- Re: What's wrong with application whitelisting? Eric Case (Apr 05)
- Re: What's wrong with application whitelisting? Brad Judy (Apr 06)
- Re: What's wrong with application whitelisting? Howe, Joe (Apr 06)
- Re: What's wrong with application whitelisting? Calcutt, Andrew (Apr 06)
- Re: What's wrong with application whitelisting? Russell Fulton (Apr 06)
- Re: What's wrong with application whitelisting? Jimi Schwar (Apr 07)
- Re: What's wrong with application whitelisting? Watkins, Lewis (Apr 20)
- Re: What's wrong with application whitelisting? Gene Spafford (Apr 20)
- Re: What's wrong with application whitelisting? Leo Song (May 13)
- Re: What's wrong with application whitelisting? Everett, Alex D (May 13)