cancel
Showing results for 
Search instead for 
Did you mean: 

ScriptScan 8.7i & 8.8 - using Wildcards

Hello,

we have several SAP instances with which we would have severe performance problems when not defining them into the ScriptScan Exclusions. Meanwhile there are 150+ instances listet within and it is getting awful. I know wildcards are not recommended nor explicit allowed (KB65382) but either it is not explicit forbidden in the existing KB-Article.

Question is now: Is ScriptScan not supposed to make use of Wildcards (and simply disregard the specific exclusion with Wildcard) or is it just not recommended? Sorry for my laziness

greetings

4 Replies

Re: ScriptScan 8.7i & 8.8 - using Wildcards

Hope below notes will help you:

  • Do not use wild card characters.
  • Partial URLs can be used. Be cautious when specifying partial matches to avoid excluding scripts from unexpected web sites. For example, adding only www as would exclude scripts from any source that contains the characters www in the URL.
  • You must enable Browser Helper Objects.
  • McAfee suggests that you use only Fully Qualified Domain Names and NetBIOS names.
  • If your DNS server records contain CNAME entries for a particular URL, exclude them. 
  • Web pages can run scripts hosted on other sites or locations. If you require access to a script hosted on another site, you must also exclude the URL of the host site.
  • Do not include port numbers in exclusions. If a port number is specified, the exclusion will be ignored as invalid.

Re: ScriptScan 8.7i & 8.8 - using Wildcards

This is exactly the Information out of the mentioned KB-Articel within my opening post. Thank you for reply but no, this does not help at all nor answers the question.

Will ScriptScan exclusions disregarded when Wildcards are used (SAP*.Domain.Name <- as example)? I am sorry if the question was not well formed. My english is not as good as it should be, especially in not technical manners

Re: ScriptScan 8.7i & 8.8 - using Wildcards

As far I know about McAfee it should work without any issues.

Re: ScriptScan 8.7i & 8.8 - using Wildcards

This is what I hope for but before opening a SR I would like to know if someone can tell out of his or her experiences in making use of Wildcards. I do not want to be called in the upcoming days or weeks and get something to here like "sometimes it is working but sometimes it is not".

I am really carefull after several years with McAfee (no harm intended) *grin*