[ZendTo] Antwort: Re: Antwort: Re: Antwort: Re: Security Issue - Data Leakage Prevention

patrick.gaikowski at kaufland.com patrick.gaikowski at kaufland.com
Thu Mar 1 12:28:02 GMT 2012


Do you have a hint for me how I can use, for example, the regex from
preferences to check against the entered email if the user is not logged in?

By the way, an email blacklisting is, from my point of view, not only a
request from me!

Best regards

Patrick Gaikowski
Tel:     +49 7132 94 3568
Fax:    +49 7132 94 73568
E-Mail: patrick.gaikowski at kaufland.com
KI 967850: IT International / IT Governance / Netzwerk Design und
IT-Sicherheit
Office:
Lindichstrasse 11
D-74189 Weinsberg



http://www.kaufland.de
http://www.spannende-it.de
We are No. 1:
Kaufland is "Best Grocery Store 2011"!

Kaufland Informationssysteme GmbH & Co. KG
P.O. Box 12 53 - 74149 Neckarsulm
Limited partnership
Registered office: Neckarsulm
Register court: Stuttgart HRA 104163

From: Jules <Jules at zend.to>
Sent by: zendto-bounces at zend.to
Date: 01.03.2012 13:12
To: ZendTo Users <zendto at zend.to>
Reply to: ZendTo Users <zendto at zend.to>
Subject: [ZendTo] Re: Antwort: Re: Antwort: Re: Security Issue - Data Leakage Prevention

There is a setting in preferences.php called "emailDomainRegexp". This must
match any recipient address entered by a user who has not logged in.

There are currently no IP-based filters to implement checks like "if the
user comes from this IP network, then they cannot send files to this email
domain".

But if you want to implement it yourself, you have the source code and the
rights to be able to change it for your own purposes.

I've never had any other request for something like this, so have no plans
to implement it myself.

Jules.

On 01/03/2012 11:27, patrick.gaikowski at kaufland.com wrote:


      Hi Jules,

      USB is prohibited in our company and personal network storage services
      like Dropbox etc. are blocked because of the content filter.

      Users from the company who have the right in LDAP should upload files to
      anywhere they want. There is a workflow behind requesting this right.

      But my focus is if a user does not have the right to log in. In this
      case he makes a drop-off to his own address in the company, because
      freemail addresses are also blocked because of the content filter.

      Is there a possibility to check the email in the verify.php if the
      user is unregistered?

      From: Jules <Jules at zend.to>
      Sent by: zendto-bounces at zend.to
      Date: 01.03.2012 12:18
      To: ZendTo Users <zendto at zend.to>
      Reply to: ZendTo Users <zendto at zend.to>
      Subject: [ZendTo] Re: Antwort: Re: Security Issue - Data Leakage Prevention

      On 01/03/2012 11:04, patrick.gaikowski at kaufland.com wrote:

            Hello Jules,

            Yes, I mean someone working for my company.

            My idea would be some kind of "blacklist" for email domains
            used in unregistered dropoff. Is there a possibility to
            implement it?

      I don't quite see why this is only a problem with "unregistered
      users", by which I guess you mean people from your own company who
      haven't logged in?

      People who have logged in will be able to do the same.

      Note that ZendTo does log the IP address a drop-off came from, so you
      would be able to see who had done it by looking through your logs.

      Why doesn't the user just copy it onto a USB stick that they have in
      their pocket? Surely that's simpler? Or upload it to any of the
      various free cloud storage services there are (such as Dropbox,
      Evernote, iCloud, SkyDrive, etc etc)?

      Jules.


            What other things can I do, not to prevent it completely, but
            to decrease the possibility?

            From: Jules <Jules at zend.to>
            Sent by: zendto-bounces at zend.to
            Date: 01.03.2012 10:25
            To: ZendTo Users <zendto at zend.to>
            Reply to: ZendTo Users <zendto at zend.to>
            Subject: [ZendTo] Re: Security Issue - Data Leakage Prevention

            By "unregistered user" do you mean someone who works for your
            company? If so, ZendTo won't stop them stealing files from your
            company. No-one can stop that unless you cavity search your
            employees at the end of each working day.

            Jules.

            On 29/02/2012 17:06, patrick.gaikowski at kaufland.com wrote:

                  Hello Jules,

                  One of my colleagues pointed out a scenario where he
                  could upload a file to outside the company without the
                  rights to do it.

                  For us it is a big security issue!

                  1.) unregistered user clicks on Drop-Off and sends an
                  email to his company email address
                  2.) unregistered user uploads a file from company network
                  to his own company email address
                  3.) unregistered user forwards the upload information to
                  his private email address from Mail Client
                  4.) unregistered user Picks up the file from his private
                  PC

                  My question is, if it is possible to exclude the company
                  email domains, like defined in preferences.conf, from
                  getting an upload link to corporate email without
                  Authorization?

                  _______________________________________________
                  ZendTo mailing list
                  ZendTo at zend.to
                  http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto




            Jules

            --
            Julian Field MEng CITP CEng
            www.Zend.To

            Follow me at twitter.com/JulesFM
            PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415
            B654

            'It's okay to live without all the answers' - Charlie Eppes,
            2011
            'All programs have a desire to be useful' - Tron, 1982
            'That is the land of lost content,
            I see it shining plain,
            The happy highways where I went,
            And cannot come again.' - A.E. Houseman

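The IP-based rule that Jules's reply says ZendTo does not have, layered on the "emailDomainRegexp" match for users who have not logged in, is shown here as an added example; it is not ZendTo code and not part of the original thread. The function names, the regex value and the network ranges are all assumptions made for illustration.

```php
<?php
// Added example: recipient policy for drop-offs by users who have not logged in.
// Every name and value here is hypothetical, not taken from ZendTo.
const EMAIL_DOMAIN_REGEXP = '/@([a-z0-9-]+\.)*example\.com$/i'; // stand-in for emailDomainRegexp
const INTERNAL_NETWORKS   = ['10.0.0.0/8', '192.168.0.0/16'];   // constructed internal ranges

// True if IPv4 address $ip lies inside CIDR block $cidr.
function ipInCidr(string $ip, string $cidr): bool
{
    [$net, $bits] = explode('/', $cidr);
    $ipLong  = ip2long($ip);
    $netLong = ip2long($net);
    if ($ipLong === false || $netLong === false) {
        return false;
    }
    $bits = (int)$bits;
    $mask = $bits === 0 ? 0 : (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF;
    return ($ipLong & $mask) === ($netLong & $mask);
}

// Returns [allowed, reason] for one recipient of a drop-off.
function checkRecipient(string $recipient, string $clientIp, bool $loggedIn): array
{
    if ($loggedIn) {
        return [true, 'authenticated user'];
    }
    if (filter_var($recipient, FILTER_VALIDATE_EMAIL) === false) {
        return [false, 'malformed address'];
    }
    if (preg_match(EMAIL_DOMAIN_REGEXP, $recipient) !== 1) {
        return [false, 'recipient does not match the domain regexp'];
    }
    foreach (INTERNAL_NETWORKS as $cidr) {
        if (ipInCidr($clientIp, $cidr)) {
            return [false, 'internal client must log in first'];
        }
    }
    return [true, 'external sender to internal recipient'];
}

// Constructed test cases: recipient, client IP, logged in?
$cases = [
    ['alice@example.com', '203.0.113.7', false], // outsider to staff: allowed
    ['alice@example.com', '10.20.30.40', false], // the scenario from the thread: denied
    ['bob@freemail.test', '203.0.113.7', false], // fails the regexp: denied
    ['bob@freemail.test', '10.20.30.40', true],  // logged-in staff: allowed
];
foreach ($cases as [$rcpt, $ip, $auth]) {
    [$ok, $why] = checkRecipient($rcpt, $ip, $auth);
    printf("%-18s %-12s %-4s => %s (%s)\n", $rcpt, $ip, $auth ? 'auth' : 'anon', $ok ? 'ALLOW' : 'DENY', $why);
}
```

The client address passed in should be the connection's peer address as seen by the web server, since a header supplied by the client can be set to anything. Denied attempts are worth logging alongside the IP address that ZendTo already records for each drop-off.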