The database was not initially accessible online. Only CDs containing the data sets were offered on the project’s website which made it impracticable to use for everyone who wanted to look up a single file or hash.

The Internet Storm Center (ISC) has converted the full set of hashes into an online application that can be checked on the new Find A Hash beta testing website.

The database of non-malicious software programs and files consists of 39,944,023 samples. Supported are the search for filenames and SHA1 or MD5 hashes.

We are using version 2.27 (December 2009). You can search for SHA1 or MD5 hashes. There are no Windows 7 hashes yet. NIST offers a Knoppix bootable CD that can be used to collect hashes. We are interested in adding more sources of hashes and would be interested in your hash collection if you have one to offer. Note: The NIST NSRL database only includes hashes of files from original install media. Currently, no patched versions are included. As a result, your hash may differ if that particular file was patched after the original release.

In addition to the NIST database, we also run a test agains the Team Cymru Hash Registry. It covers malware. If a match is found we will post a link to the respective page at Threatexpert.com (only for MD5 hashes right now).

The concentration on original install media and only unpatched files makes the database impracticable for many uses but the developer’s are asking for hash contributions to improve the database.

ProCon Latte is an add-on for the Firefox web browser that can block access to all websites except those that are listed in the whitelist. While the add-on provides access to many additional features like word based filters this article concentrates on using it to block all websites except whitelisted ones. The options of the add-on contain a form that can be filled with whitelisted urls. It is also possible to import a list of urls that should be added to the whitelist or right-click the current page and select the option to whitelist it.

It would not be a very good protection if anyone would be able to add new pages to the whitelist. This is where the password protection of the application comes into play. Once password protected only authorized users – those that enter the password correctly – can make changes to the add-on’s options. Several options are available to increase the security further by hiding the extension from the tools menu and status bar, preventing it from being disabled or uninstalled and by locking about:config so that it cannot be accessed.

Only two settings have to be changed in the options to add the security. The user has to check the Block All Traffic option in the Main Filter tab which will block all but whitelisted traffic. Then the whitelist has to be enabled by checking the Enable Whitelist box in the Whitelist tab. This is also the location to add new sites to the whitelist. Lastly the password has to be added by clicking on the Set Password button in the General tab.

Parents are probably best of to fill the whitelist together with their children by asking them about the pages that they like to view and telling them that they need to ask the parents if they cannot access a page so that the page can be enabled if appropriate.

A small notification bar will appear on top of pages that are not in the whitelist. Users with the password can override the limitation by entering the password to continue.

Is the application fool proof? Smart children might try and delete it from the user profile directory or edit the preferences so that the extension would not get loaded anymore. That’s however easily noticeable and only possible if access to the system itself is not restricted. Other possibility include booting into a live CD or using another web browser that is installed on the system.

The three first functions include a whitelist that contains email addresses, urls and cookies of sites that will always be accepted once you add them to the software. Whitelists are a great way to make sure that important mails and websites will never get blocked. I´am not able to list all of its functions and some are actually not even implemented yet. The software will offer for instance a anonymous proxy switch, a worm hunter and an email examiner.

It still offers some valuable tools like a windows, office and browser cleaner, a password generator and a popup blocker. It should work with every browser and email client, that is at least what they state in their faqs. This freeware might be worth a look if you are looking for a software that covers most of your security and privacy needs. Let me know if you try it out and how you like it.