Anyone using ThreatLocker ?
It appears as though the hash changes for the Open Dental executable on a regular basis with updates, etc. Same goes with the updatefilecopier.exe.
Does Open Dental keep an updated list of hash information so I.T. support can update ThreatLocker rules prior to an update or does the hash on these files consistently change for some reason? We are running in to issues with ThreatLocker constantly requiring an approval request after Open Dental is shut down and re-started and based on our audits the hash changes on the executables which is what is causing this issue.
For Open Dental Developers - Any chance you could contact ThreatLocker and work with them to catalog your file updates so we can automatically be updated with ThreatLocker exclusions?
Thanks
ThreatLocker
- jordansparks
- Site Admin
- Posts: 5746
- Joined: Sun Jun 17, 2007 3:59 pm
- Location: Salem, Oregon
- Contact:
Re: ThreatLocker
Let's talk for a moment about how whitelisting works when using Windows Security Policy instead of ThreatLocker. In Windows, you can specify a path, a certificate, or a hash. Both path and certificate would allow Open Dental to run, and only the hash would block our updates. I tried to look for something similar in ThreatLocker, but they don't have any documentation online, so I sort of hit a brick wall. But it certainly seems reasonable that they would allow a rule based on our certificate.
Oh wait. I found it.
https://threatlocker.kb.help/trusting-a ... rtificate/
Oh wait. I found it.
https://threatlocker.kb.help/trusting-a ... rtificate/
Jordan Sparks, DMD
http://www.opendental.com
http://www.opendental.com