WebApp Sec mailing list archives
Re: White List Proxy ?
From: "Larry C CUMMINGS" <Larry.Cummings () EWEB Eugene OR US>
Date: Mon, 05 Mar 2007 11:43:58 -0800
As a "power user" or one more alert to technical and security issues I would like the option of overriding the white or black list some way - at least temporarily. As someone who has to support somewhat novice users I would want to restrict their ability to override the list. A dilemma. I like the scenario that GWAVA uses for Novel GroupWise email. < http://www.gwava.com I am not necessarily recommending this specific product. > If an item is determined to be spam it gets put in quarantine. Every so often an email is delivered to the user with a list of quarantined emails addressed to them over the last period. The list specifies why the email was rejected - SPAM, Content, or because it is from a known list sender. The user can choose to release the email from quarantine or just delete the whole notification. It would be nice if there was something analogous for what you want. Would also be nice if different users could be given different rights levels within the system. * Larry
On 3/2/2007 at 11:42 AM, "McCarty, Eric C." <emccarty () er ucsd edu>
wrote:
After considering possible defenses to the multitude of web attacks
that
continue to surface, I keep coming to the conclusion that white lists
are the
way to go. Unfortunately as we all know, white lists are difficult to
maintain and often overly restrictive. What I imagined is a type of white list proxy which examines website
content
before feeding it to the user, it determines if there is any
malicious code
in the page, if there is it will deny the page to the user, if not it
will
provide it to the user and add the site to the white list for 24
hours.
This technique would be similar to how antivirus works in scanning
files
before allowing open/run actions. Does anyone know of software that currently does this or something
similar?
Thoughts ? Eric McCarty
-------------------------------------------------------------------------
Sponsored by: Watchfire The Twelve Most Common Application-level Hack Attacks Hackers continue to add billions to the cost of doing business
online
despite security executives' efforts to prevent malicious attacks.
This
whitepaper identifies the most common methods of attacks that we have
seen,
and outlines a guideline for developing secure web applications. Download today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fHe
-------------------------------------------------------------------------- ------------------------------------------------------------------------- Sponsored by: Watchfire Testing web application for security vulnerabilities? Try AppScan 7.0®. F eatures that include Privilege Escalation Testing, Complex Authentication Support and Validation Highlighting and Reasoning are just some of the reasons more security professionals trust AppScan than any other solution. Change the way you think about application security testing - download AppScan today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008fHZ --------------------------------------------------------------------------
Current thread:
- White List Proxy ? McCarty, Eric C. (Mar 05)
- Re: White List Proxy ? Larry C CUMMINGS (Mar 05)
- RE: White List Proxy ? Paul Melson (Mar 07)