* Alex Eckelberry: > I dislike whitelisting. Certainly practical for data entry clerks and > the like, but I suspect it becomes a royal PITA when you get into other > types of users. Plus managing software updates, etc.
You should insist on AuthentiCode signatures from your vendors. After that, you only need to maintain a list of vendors. (It doesn't help against exploits which don't use files as vectors, of course. But AV has lots of trouble with that, too.) -- Florian Weimer <[EMAIL PROTECTED]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
