cancel
Showing results for 
Search instead for 
Did you mean: 
rvp1000
Level 7

Is possible to configured HIPS policies or rules to the application registered MD5 application signature

With custom policies and rules created for specific application sometime it doesn't pinpoint the application full functionality. I.e. only allow the application installation to work but other features such uninstall and functions and components of the applications are blocked by HIPS...

Is possible to configured HIPS policies or rules to the application registered MD5 application signature?

Also is there a way to upload or created a definition to the existing EPO trusted application list when creating a trusted application policy on the eEPO?

Reference

MD5 Footprint.

http://en.wikipedia.org/wiki/MD5

In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. However, it has been shown that MD5 is not collision resistant;[1] as such, MD5 is not suitable for applications like SSL certificates or digital signatures that rely on this property. An MD5 hash is typically expressed as a 32-digit hexadecimal number.

0 Kudos
1 Reply
bgable
Level 11

Re: Is possible to configured HIPS policies or rules to the application registered MD5 application signature

You can specify the application hash in 7.0 for firewall rules and application blocking rules.  You cannot for IPS customer signatures.

This functionality is coming in HIP 8.0. In addition, you can specifiy by digital cert or signer.

8.0 will also integrate with Secure Computing for a dynamic list of trusted applications.

0 Kudos