[Dailydave] NSRL status check
Gadi Evron
ge at linuxbox.org
Mon Dec 11 16:07:01 EST 2006
On Mon, 11 Dec 2006 dan at geer.org wrote:
>
> The National Software Reference Library has or had a listing of the
> hash values for known good software, known good in the sense of
> what is on installation media or what otherwise still has its
> integrity intact.
>
> I say "has or had" as on first glance it appears that this listing
> is stationary since sometime in 2004. Would someone here know the
> history and fate of this list? On the face of it such a list seems
> useful in forensic situations at least.
Zone Labs (now CheckPoint) has their own listing. They whitelist known
programs. "X per cent of our users believe this program is good". That way
people can make more educated decisions on programs which want to connect
to the Internet. Blacklisting bad files is not practical, or it would be
yet another almost useless anti virus.
Naturally, this has a lot of applications.
Gadi.
> --dan
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
More information about the Dailydave
mailing list