Whitelist of update servers

Keegan Holley keegan.holley at sungard.com
Mon Mar 12 20:40:24 UTC 2012


2012/3/12 Maverick <myeaddress at gmail.com>

> Like a list of sites that operating systems or applications installed on
> your machines go to update themselves. One way could be to go on each
> vendor's site and look at their update servers like
> microsoft.update.com, but it would be good if there is a list of such
> servers for all OS and applications so that it could be used as a
> whitelist.
>
>
I stick with my original answer... sometimes.  I'm not sure if this is
different now, but I remember MS update being spoofed with bogus DNS
entries because the process is tied to that DNS name.  I think this is the
most popular method combined with some sort of encryption and/or signing to
verify the updates themselves.  I'm sure there are applications that use a
whitelist though.  There are a lot of shops that update via some kind of
CDN, so the whitelist method is a bit cumbersome at scale and is not immune
to spoofing or other attacks.  The most secure thing is probably to protect
the updates themselves.
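
To illustrate the last point of the reply above (verifying the updates themselves instead of trusting the name they were fetched from), here is an added Go example that is not part of the original thread. The vendor key pair, the whitelisted hostname and the payloads are constructed for the example; the client trusts only a pinned public key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Update is what a client fetches: the payload plus a detached signature
// over its SHA-256 digest, made with the vendor's long-lived signing key.
type Update struct {
	Payload   []byte
	Signature []byte
}

// SignUpdate is the vendor-side step (constructed for this example).
func SignUpdate(priv ed25519.PrivateKey, payload []byte) Update {
	digest := sha256.Sum256(payload)
	return Update{Payload: payload, Signature: ed25519.Sign(priv, digest[:])}
}

// VerifyUpdate is the client-side check. It depends only on the pinned
// vendor public key, not on which host or DNS answer delivered the bytes.
func VerifyUpdate(pinned ed25519.PublicKey, u Update) bool {
	digest := sha256.Sum256(u.Payload)
	return ed25519.Verify(pinned, digest[:], u.Signature)
}

// HostWhitelisted models the hostname whitelist from the thread: it only
// sees the name the client asked for, so a spoofed DNS answer for a listed
// name passes unchanged. It says nothing about the bytes that arrive.
func HostWhitelisted(whitelist map[string]bool, host string) bool {
	return whitelist[host]
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed vendor key
	genuine := SignUpdate(priv, []byte("patch-2012-03 (constructed payload)"))
	tampered := genuine // same signature, altered bytes, as from a spoofed host
	tampered.Payload = []byte("patch-2012-03 plus injected code (constructed)")

	whitelist := map[string]bool{"update.example.com": true} // constructed name
	fmt.Println("host allowed:", HostWhitelisted(whitelist, "update.example.com"))
	fmt.Println("genuine verifies:", VerifyUpdate(pub, genuine))   // true
	fmt.Println("tampered verifies:", VerifyUpdate(pub, tampered)) // false
}
```

The whitelist check and the signature check answer different questions; only the second one fails when the content is swapped behind a correctly named host.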



More information about the NANOG mailing list