Re: Help with Algorythm to test if a progrem is secure,
2007/11/12, Jabka Atu <mashrom.head@gmail.com>:
> -----BEGIN PGP SIGNED MESSAGE-----
> 1.Google / IRC for the program name || Security || Trojan ||
> hacks etc .. if found the don't use that program.
> 2.If possible read source code or give it to some body for finding stuff.
> 3.Install it on a Virtual Machine (qemu) on a pc without network
> connection (physical).
> Test for new open ports and Google for them.
> Test for pending connection (netstat -a 127.0.0.1)
> 4.Connect the Virtual machine to a small LAN (with a LOT of domains )
> search for iptables or other related strange logs.
> make some testes (Are there strange DNS quarries ? )
> 5.install and connect the pc to a real network.
Why do you use a blacklist approach?
1. Find an arbitrary program
2. Go to the (hopefully) limited number of sources you trust
3. Ask/Query them about the program
4. If it's whitelisted (known to be good) use it
5. otherwise drop it...
If you have the skills and time:
1. see above
2. examine source
3. if good: package it send it to other skilled people for examination
(with source/link of course)
4. add to your whitelist so that other people can refer to you
--
http://noneisyours.marcher.name
http://feeds.feedburner.com/NoneIsYours
Reply to: