Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
What will cybersecurity software look like in the future, say 10-30 years from now?
Message
<blockquote data-quote="NoVirusThanks" data-source="post: 987281" data-attributes="member: 68429"><p>Blocking entirely a file type like .js .vbs .hta .ps1 etc is what I call hardening a system and a smart approach: if a script is known to be commonly abused to deliver malware and it is not widely used or not strictly needed, then block it and problem solved. No need to check if the script is malicious or not, the user can write exclusion rules if needed.</p><p></p><p>Same approach goes for commonly abused system processes like powershell.exe, certutil.exe, mshta.exe, bash.exe, etc.</p><p></p><p></p><p></p><p>Do you think so? Instead I think it is very good for hardening a system by blocking/disabling what is not needed, thus reducing the attack surface and the malware delivery methods.</p><p></p><p>If you need to execute a script that is blocked you can write exclusion rules, that's all.</p><p></p><p>I joined the conversation not to discuss about the topic but about this:</p><p></p><p></p><p></p><p>I personally believe there are probably better ways and words to express your opinion.</p><p></p><p>Because to me it sounds as you said "OS Armor blocks by file type" -> "blocking something by file type is really, really, really stupid."</p></blockquote><p></p>
[QUOTE="NoVirusThanks, post: 987281, member: 68429"] Blocking entirely a file type like .js .vbs .hta .ps1 etc is what I call hardening a system and a smart approach: if a script is known to be commonly abused to deliver malware and it is not widely used or not strictly needed, then block it and problem solved. No need to check if the script is malicious or not, the user can write exclusion rules if needed. Same approach goes for commonly abused system processes like powershell.exe, certutil.exe, mshta.exe, bash.exe, etc. Do you think so? Instead I think it is very good for hardening a system by blocking/disabling what is not needed, thus reducing the attack surface and the malware delivery methods. If you need to execute a script that is blocked you can write exclusion rules, that's all. I joined the conversation not to discuss about the topic but about this: I personally believe there are probably better ways and words to express your opinion. Because to me it sounds as you said "OS Armor blocks by file type" -> "blocking something by file type is really, really, really stupid." [/QUOTE]
Insert quotes…
Verification
Post reply
Top