Closed Bug 638191 Opened 14 years ago Closed 8 years ago

periodically run map reduce job to surface un-versioned .dlls that might be malware

Categories

(Socorro :: General, task)

Product:
Socorro
Component:
General
Platform:
x86
macOS
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: chofmann, Unassigned)

References

Details

turns out the module list shows many .dll's that are un-versioned and are possible sources of malware. having a list of these .dll's by signature would help us to spot signatures that possibly are associated with malware running on the system, and maybe even figure out a way to reverse engineer the .dll renaming algorithm, and detect malware .dlls so we could e-mail back users when we spot something suspicious. some of this is going on in Bug 638139 and an example of the kind of report that we need is in https://bug638139.bugzilla.mozilla.org/attachment.cgi?id=516347 the report their is a quick hack on a limited set of reports, so to do this right we need a map reduce job.
I think this one needs to be part of the more general look into malware crashes in bug 439679 - The dependency I'm marking here is more like a "related bug" marker, actually.
Depends on: 439679
Component: Socorro → General
Product: Webtools → Socorro
no more map/reduce
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.