Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: White List Proxy ?

from [Larry C CUMMINGS] Network Security [Permanent Link]
Subject: Re: White List Proxy ?
Date: Mon, 05 Mar 2007 11:43:58 -0800 
As a "power user" or one more alert to technical and security issues I
would like the  option of overriding the white or black list some way -
at least temporarily.

As someone who has to support somewhat novice users I would want to
restrict their ability to override the list.  A dilemma.

I like the scenario that GWAVA uses for Novel GroupWise email. < 
http://www.gwava.com  I am not necessarily recommending this specific
product. > If an item is determined to be spam it gets put in
quarantine.  Every so often an email is delivered to the user with a
list of quarantined emails addressed to them over the last period.   The
list specifies why the email was rejected - SPAM, Content, or because it
is from a known list sender.  The user can choose to release the email
from quarantine or just delete the whole notification.

It would be nice if there was something analogous for what you want. 
Would also be nice if different users could be given different rights
levels within the system.

* Larry


On 3/2/2007 at 11:42 AM, "McCarty, Eric C." <emccarty@er.ucsd.edu>

wrote:

After considering possible defenses to the multitude of web attacks

that 

continue to surface, I keep coming to the conclusion that white lists

are the 

way to go. Unfortunately as we all know, white lists are difficult to



maintain and often overly restrictive.
 
What I imagined is a type of white list proxy which examines website

content 

before feeding it to the user, it determines if there is any

malicious code 

in the page, if there is it will deny the page to the user, if not it

will 

provide it to the user and add the site to the white list for 24

hours. 

 
This technique would be similar to how antivirus works in scanning

files 

before allowing open/run actions. 
 
Does anyone know of software that currently does this or something

similar? 

Thoughts ?
 
Eric McCarty



-------------------------------------------------------------------------

Sponsored by: Watchfire

The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business

online

despite security executives' efforts to prevent malicious attacks.

This

whitepaper identifies the most common methods of attacks that we have

seen,

and outlines a guideline for developing secure web applications.
Download today!



https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fHe




--------------------------------------------------------------------------

-------------------------------------------------------------------------
Sponsored by: Watchfire

Testing web application for security vulnerabilities? Try AppScan 7.0®. F
eatures that include Privilege Escalation Testing, Complex Authentication 
Support and Validation Highlighting and Reasoning are just some of the 
reasons more security professionals trust AppScan than any other solution. 
Change the way you think about application security testing - 
download AppScan today!

https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008fHZ
--------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  HITBSecConf2007 - Malaysia: Call for Papers now Open, Praburaajan
Next by Date:  Black Hat USA CFP Now Open!, Jeff Moss
Previous by Thread:  White List Proxy ?, McCarty, Eric C.
Next by Thread:  RE: White List Proxy ?, Paul Melson
Indexes:  [Date] [Thread] [Top] [All Lists]