26
Jun

Forget Virus Scanners

   Posted by: Joshbw   in Uncategorized

Add Comment

Does anyone know of a decent program that allows you to whitelist which executables may be loaded (even better would be executables, dlls, and assemblies but that would be a bit of a headache to manage)? Conceptually it shouldn’t be that hard to write – just poll the running processes and kill any not in the list as soon as you see them but I don’t really want to take the time to create a whitelist of all of the OS components and services myself (compiling a list of applications I execute is work enough). It seems like a whitelist of executables is way easier to maintain, way less invasive, and potentially much more effective than the signature based virus scanners.

~ Joshbw

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • Live
This entry was posted on Friday, June 26th, 2009 at 9:56 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

One comment

Anonymous
 1 

Marcus Ranum comes to the same conclusion and plays with some various software here that does just that.

http://www.ranum.com/security/computer_security/editorials/antivirus/index.html

August 22nd, 2009 at 2:52 am

Leave a reply

Name (*)
Mail (will not be published) (*)
URI
Comment

Back to top