Hello everyone! My employer wants a grey-list that's made to warn users of applications that need to be upgraded and also a black-list of applications that a system uses to scan the servers for unwanted software that the program then blocks. Both lists have to contain the names of a few files from each program for it to be usable. Also, the lists have to be made for the most used platforms - Linux and Windows. Now, there are thousands of applications that can be installed on a server and I have no clue where to start searching for this kind of information. Do I really need to download 10000 software titles and go through their directories for file names? In case you were wondering, and I know you are, they don't want any kind of security software to handle this, they insist on a hand-made list, so any help of getting information for this list is greatly appreciated.
Well I don't know about any of that lists and I guess it does not only help to now the file names. Maybe you have to do more to also match some lines inside the file to gather that information. If you have a list you also should think about how you manage things like fixed issues. So how do you split apps that once had a security risk from apps having such quite often. So I would try to get rid of that task to be honest because I don't think that this can be handled by one person only, neither organisatorical nor the coding. Maybe you can ask some security analyst companies if the have lists like that or information going nearly to that direction to create such list...
I agree completely, I'll have to figure out a way to demonstrate efficiently that this is just a completely dumb idea