Webwasher 6.0.1 Anti-Malware User's Guide - McAfee

More documents

Recommendations

Info

Content Security 4–36 Dynamic Link Libraries The Dynamic Link Libraries section allows you to configure actions for dynamic link libraries that are potentially malicious. These are downloaded in a stand-alone manner. This code may be openly hostile, i .e. perform operations that are usually and primarily performed by hostile mobile code, e. g. usage of vulnerable functionality. The code may also perform only operations that are performed by all kinds of mobile code, i. e. including code that is not hostile. These operations may, however, open the door for hostile operations that are performed at a later point of time, e. g. write access to local files. You can configure actions with regard to all of these operations. You can also configure different actions according to whether the probability that the code in question will perform these operations is medium or high. If you want to use the options provided in this section, mark the checkbox next to the section heading. After specifying this setting or modifying any other setting in this section, click on Apply Changes to make these settings effective. Use the drop-down lists in the following areas to configure actions for dynamic link libraries: • Operations primarily performed by hostile mobile In this area, select actions with regard to the: — Dynamic creation of program code This includes the programmatic evaluation of (formerly obfuscated) program code. — Usage of vulnerable functionality This functionality is located in the host environment, e. g. the Web browser or the Java VM. • Operations primarily performed by all kinds of mobile code In this area, also select actions with regard to: — Read access to local files This includes the programmatic evaluation of (formerly obfuscated) program code.
— Write access to local files This also includes locally mounted network shares. — Read access to the registry Content Security This includes operations like opening registry keys and reading registry values. — Write access to the registry This includes the creation and deletion of registry keys, as well as the modification of registry values. — Access to the network With this operation, code may be classified as potentially malicious regardless of the transport direction and application-level protocol. — Dynamic loading of program code This includes the instantiation of COM servers (as with ActiveX controls). — Access to other processes 4.3.11 DLL Analysis Options An example of this is usage of Interprocess Communication (IPC) functionality. The DLL Analysis Options tab looks like this: 4–37
Page 1 and 2:
USER’S GUIDE Webwasher Anti-Malwa
Page 3 and 4:
Contents Chapter 1 Introduction ...
Page 5:
Contents 4.9 Proactive Scanning Cac
Page 8 and 9:
Introduction 1.1 About This Guide T
Page 10 and 11:
Introduction 1.3.1 First Level Tabs
Page 12 and 13:
Introduction 1-6 Otherwise, you cou
Page 14 and 15:
Introduction 1-8 When you are attem
Page 16 and 17:
Introduction 1-10 Search A Search i
Page 18 and 19:
Introduction 1.4.1 Documentation on
Page 20 and 21:
Introduction 1.5 The Webwasher Prod
Page 23 and 24:
Home Chapter 2 The features that ar
Page 25 and 26:
2.2.1 Overview (Feature) The Overvi
Page 27 and 28:
System Summary The System Summary s
Page 29 and 30:
2.3 Support 2.3.1 Support Home The
Page 31 and 32:
2.4 Feedback Home The Feedback opti
Page 33 and 34:
URL Filter Database Feedback The UR
Page 35 and 36:
Home The default interval is 240 mi
Page 37 and 38:
Use the following items to configur
Page 39 and 40:
Home Using this section, you can ad
Page 41 and 42:
2.5.1 Documentation on Main Product
Page 43 and 44:
2.5.2 Documentation on Special Prod
Page 45 and 46:
Home To view any of the documents l
Page 47 and 48:
They are described in the following
Page 49 and 50:
Home To what extent you are allowed
Page 51 and 52:
2.7.1 Information The Information t
Page 53 and 54:
To import a license, proceed as fol
Page 55 and 56:
Home After specifying the appropria
Page 57 and 58:
Common Chapter 3 The features that
Page 59 and 60:
3.2.1 Actions Common To do this, se
Page 61 and 62:
• Non-rectifiable media types wit
Page 63 and 64:
3.2.2 Media Type Black List The Med
Page 65 and 66:
Common This addition will be valid
Page 67 and 68:
Media Type White List The Media Typ
Page 69 and 70:
3.3 Document Inspector Common The D
Page 71 and 72:
Document Download Filter The Docume
Page 73 and 74:
Common This active content may be h
Page 75 and 76:
Common • Structured Storage docum
Page 77 and 78:
Archive Handling The Archive Handli
Page 79 and 80:
3.5.1 Generic Header Filter The Gen
Page 81 and 82:
3.6 Generic Body Filter Common The
Page 83 and 84:
Body Filter List The Body Filter Li
Page 85 and 86:
3.7.1 Settings • Dimension Filter
Page 87 and 88:
— Windows Common Enables or disab
Page 89 and 90:
— Applets Enables or disables the
Page 91 and 92:
Animation Filter The Animation Filt
Page 93 and 94:
3.7.2 Link Filter List Then check t
Page 95 and 96:
— do not filter Common Enable thi
Page 97 and 98:
Dimension Filter List The Dimension
Page 99 and 100:
3.8 Privacy Filters Common The Priv
Page 101 and 102:
Using this section, you can configu
Page 103 and 104:
Cookie Filter The Cookie Filter sec
Page 105 and 106:
3.8.2 Cookie Filter List The Cookie
Page 107 and 108:
3.9 The Cookie Filter List is displ
Page 109 and 110:
Text Categorization The Text Catego
Page 111 and 112: Text Categorization List The Text C
Page 113 and 114: 3.10 Common If the number of entrie
Page 115 and 116: White List The White List section l
Page 117 and 118: Common To sort the list in ascendin
Page 119 and 120: User Defined Categories The User De
Page 121 and 122: 3.12.1 Media Type Catalog The Media
Page 123 and 124: Common The media type tells the app
Page 125: Use the following items to perform
Page 128 and 129: Content Security 4.1 Overview 4.2 T
Page 130 and 131: Content Security 4-4 Virus Scanning
Page 132 and 133: Content Security 4.2.2 Potentially
Page 134 and 135: Content Security The options are ar
Page 136 and 137: Content Security 4-10 Depending on
Page 138 and 139: Content Security 4.3.2 Setup Wizard
Page 140 and 141: Content Security 4-14 In general, t
Page 142 and 143: Content Security 4.3.3 About 4-16 T
Page 144 and 145: Content Security 4-18 ActiveX Contr
Page 146 and 147: Content Security 4-20 ActiveX Analy
Page 148 and 149: Content Security 4-22 Windows Execu
Page 150 and 151: Content Security 4.3.7 General Opti
Page 152 and 153: Content Security 4-26 Malware Queue
Page 154 and 155: Content Security 4-28 Scan Other Me
Page 156 and 157: Content Security 4.3.8 Special Wind
Page 158 and 159: Content Security The checkbox is ma
Page 160 and 161: Content Security 4-34 Windows Execu
Page 164 and 165: Content Security 4-38 At the top of
Page 166 and 167: Content Security 4-40 Java Applets
Page 168 and 169: Content Security 4-42 Use the check
Page 170 and 171: Content Security 4-44 Java Applicat
Page 172 and 173: Content Security 4.3.14 JavaScript
Page 174 and 175: Content Security 4-48 — Usage of
Page 176 and 177: Content Security 4-50 Script Analys
Page 178 and 179: Content Security 4-52 You can confi
Page 180 and 181: Content Security 4-54 Note that the
Page 182 and 183: Content Security 4.3.16 Visual Basi
Page 184 and 185: Content Security 4-58 — Usage of
Page 186 and 187: Content Security 4-60 Forbid unknow
Page 188 and 189: Content Security 4-62 Using this se
Page 190 and 191: Content Security Use the following
Page 192 and 193: Content Security 4-66 Unsigned Cont
Page 194 and 195: Content Security 4-68 You can confi
Page 196 and 197: Content Security 4-70 Certificate A
Page 198 and 199: Content Security 4-72 Note that bes
Page 200 and 201: Content Security 4-74 Software Vend
Page 202 and 203: Content Security 4.5 Embedded Objec
Page 204 and 205: Content Security 4-78 They can be u
Page 206 and 207: Content Security 4.5.2 ActiveX List
Page 208 and 209: Content Security 4-82 — Add to Ac
Page 210 and 211: Content Security 4.6.1 Embedded Scr
Page 212 and 213:
Content Security This feature requi
Page 214 and 215:
Content Security 4-88 So, you can b
Page 216 and 217:
Content Security 4.8.1 Global Trust
Page 218 and 219:
Content Security 4.9 • Delete Sel
Page 220:
Content Security 4-94 After modifyi
show all

Webwasher 6.0.1 Anti-Malware User's Guide - McAfee

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?