[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Help with Algorythm to test if a progrem is secure,

2007/11/12, Jabka Atu <mashrom.head@gmail.com>:
> -----BEGIN PGP SIGNED MESSAGE-----
> 1.Google / IRC  for the program name || Security  ||  Trojan  ||
> hacks etc .. if found the don't use that program.
> 2.If possible read source code or give it to some body for finding stuff.
> 3.Install it on a Virtual Machine (qemu) on a pc without network
> connection (physical).
> Test for new open ports and Google for them.
> Test for pending connection (netstat -a 127.0.0.1)
> 4.Connect the Virtual machine to a small LAN (with a LOT of domains )
> search for iptables or other related strange logs.
> make some testes (Are there strange DNS quarries ? )
> 5.install and connect the pc to a real network.

Why do you use a blacklist approach?

1. Find an arbitrary program
2. Go to the (hopefully) limited number of sources you trust
3. Ask/Query them about the program
4. If it's whitelisted (known to be good) use it
5. otherwise drop it...

If you have the skills and time:
1. see above
2. examine source
3. if good: package it send it to other skilled people for examination
(with source/link of course)
4. add to your whitelist so that other people can refer to you

-- 
http://noneisyours.marcher.name
http://feeds.feedburner.com/NoneIsYours
Reply to: