4 Replies Latest reply on Sep 9, 2014 8:24 AM by Don_Martin

    ScriptScan 8.7i & 8.8 - using Wildcards

    Don_Martin

      Hello,

       

      we have several SAP instances with which we would have severe performance problems when not defining them into the ScriptScan Exclusions. Meanwhile there are 150+ instances listet within and it is getting awful. I know wildcards are not recommended nor explicit allowed (KB65382) but either it is not explicit forbidden in the existing KB-Article.

       

      Question is now: Is ScriptScan not supposed to make use of Wildcards (and simply disregard the specific exclusion with Wildcard) or is it just not recommended? Sorry for my laziness

       

      greetings

        • 1. Re: ScriptScan 8.7i & 8.8 - using Wildcards
          ansarias

          Hope below notes will help you:

          • Do not use wild card characters.
          • Partial URLs can be used. Be cautious when specifying partial matches to avoid excluding scripts from unexpected web sites. For example, adding only www as would exclude scripts from any source that contains the characters www in the URL.
          • You must enable Browser Helper Objects.
          • McAfee suggests that you use only Fully Qualified Domain Names and NetBIOS names.
          • If your DNS server records contain CNAME entries for a particular URL, exclude them. 
          • Web pages can run scripts hosted on other sites or locations. If you require access to a script hosted on another site, you must also exclude the URL of the host site.
          • Do not include port numbers in exclusions. If a port number is specified, the exclusion will be ignored as invalid.
          • 2. Re: ScriptScan 8.7i & 8.8 - using Wildcards
            Don_Martin

            This is exactly the Information out of the mentioned KB-Articel within my opening post. Thank you for reply but no, this does not help at all nor answers the question.

             

            Will ScriptScan exclusions disregarded when Wildcards are used (SAP*.Domain.Name <- as example)? I am sorry if the question was not well formed. My english is not as good as it should be, especially in not technical manners

            • 3. Re: ScriptScan 8.7i & 8.8 - using Wildcards
              ansarias

              As far I know about McAfee it should work without any issues.

              • 4. Re: ScriptScan 8.7i & 8.8 - using Wildcards
                Don_Martin

                This is what I hope for but before opening a SR I would like to know if someone can tell out of his or her experiences in making use of Wildcards. I do not want to be called in the upcoming days or weeks and get something to here like "sometimes it is working but sometimes it is not".

                 

                I am really carefull after several years with McAfee (no harm intended) *grin*