Pros & Cons to Blocking Java Files, and Which Ones to Block

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Pros & Cons to Blocking Java Files, and Which Ones to Block

L1 Bithead

Hey guys,

 

I've inherited a ruleset that is blocking Java CLASS file downloads, but not Java JAR files. I am not a Java developer and have very limited knowledge of the particulars relating to these files as potential threat vectors. But I have seen nothing in my initial research that leads me to believe this was an intentional, justified policy. I can't see any reason why CLASS files would represent a larger concern than JAR files, and the rational thing to do would be either 1) unblock CLASS files as well (and rely on client-side mitigations for protection), or 2) block JAR files as well (if anything JAR seems like a greater threat, due to its ability to contain other malicious payloads). 

 

I'm curious on the thoughts others might have on this.

 

Is there a good reason to CLASS files exclusively? Is there a good reason to not block JAR files? Is blocking Java file downloads outright worth the added overhead to maintain such a policy?

 

As far as this particular environment goes, it looks like the scope of CLASS file download attempts are pretty minimal in any case. With threat prevention scanning and other mitigations in place, I don't feel the risk here is that large. But if the risk is large enough to warrant continuing to block them, it would make sense to me that I should also be blocking the JAR files.

1 REPLY 1

L0 Member

This is a good question. 

Dealing with this situation and unsure of what to do.. ?

Any suggestion would be appreciated 

 

  • 3053 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!