[ZendTo] Re: Antwort: Re: Antwort: Re: Antwort: Re: Security Issue - Data Leakage Prevention
Jules
Jules at Zend.To
Thu Mar 1 14:20:14 GMT 2012
It has to match the regexp to be allowed, so you would probably need to
add a bit more code to block it if it matches another regexp, if the
connection is coming from the "localIPSubnets" networks.
So you will need to write a bit of code and add a new setting in
preferences.php, not just change a setting in there.
Does anyone else on the list need this feature too?
(When a drop-off comes from a localIPSubnet network and the user has not
logged in, if the destination email matches a certain regexp then block
the drop-off)
Please let me know if you folks need this feature! (Other than Patrick)
Jules.
On 01/03/2012 12:28, patrick.gaikowski at kaufland.com wrote:
>
> Do you have a hint for me how i can use for example the regex from
> preferences to check against entered email, if the user is not logged in
>
> By the way, an email blacklisting is from my point of view not only a
> request from me!
>
> Mit freundlichen Grüßen / Best regards
>
> Patrick Gaikowski
> Tel: +49 7132 94 3568
> Fax: +49 7132 94 73568
> E-Mail: patrick.gaikowski at kaufland.com
> KI 967850: IT International / IT Governance / Netzwerk Design und
> IT-Sicherheit
> Office:
> Lindichstrasse 11
> D-74189 Weinsberg
>
>
>
> http://www.kaufland.de
> http://www.spannende-it.de
> Wir sind die Nr. 1:
> Kaufland ist "Bester Lebensmittelmarkt 2011"!
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Kommanditgesellschaft
> Sitz: Neckarsulm
> Registergericht: Stuttgart HRA 104163
>
>
>
>
>
> Inactive hide details for Jules ---01.03.2012 13:21:49---Jules
> <Jules at zend.to>Jules ---01.03.2012 13:21:49---Jules <Jules at zend.to>
>
> *Jules <Jules at zend.to>*
> Gesendet von: zendto-bounces at zend.to
>
> 01.03.2012 13:12
> Bitte antworten an
> ZendTo Users <zendto at zend.to>
>
>
>
>
> ZendTo Users <zendto at zend.to>
>
>
>
> Thema
>
> [ZendTo] Re: Antwort: Re: Antwort: Re: Security Issue - Data Leakage
> Prevention
>
>
>
>
> There is a setting in preferences.php called "emailDomainRegexp". This
> must match any recipient address entered by a user who has not logged in.
>
> There are currently no IP-based filters to implement checks like "if
> the user comes from this IP network, then they cannot send files to
> this email domain".
>
> But if you want to implement it yourself, you have the source code and
> the rights to be able to change it for your own purposes.
>
> I've never had any other request for something like this, so have no
> plans to implement it myself.
>
> Jules.
>
> On 01/03/2012 11:27, _patrick.gaikowski at kaufland.com_
> <mailto:patrick.gaikowski at kaufland.com> wrote:
>
>
> Hi Jules,
>
> USB is prohibited in our company and Personal Network Storages
> like dropbox etc. are blocked because of Contentfilter.
>
> Users from company who have the right in LDAP should upload files
> to anywhere they want. The is a workflow behind requesting this right.
>
> But my focus is if a user has not the right for logging in. In
> this case he makes a dropoff to his own address in company,
> because Freemail addresses are also blocked because of Content Filter.
>
> Is there a possibility to check the email in the verify.php if the
> user is unregistered?
>
> Mit freundlichen Grüßen / Best regards
>
> Patrick Gaikowski
> Tel: +49 7132 94 3568
> Fax: +49 7132 94 73568
> E-Mail: _patrick.gaikowski at kaufland.com_
> <mailto:patrick.gaikowski at kaufland.com>
> KI 967850: IT International / IT Governance / Netzwerk Design und
> IT-Sicherheit
> Office:
> Lindichstrasse 11
> D-74189 Weinsberg
>
>
> _
> __http://www.kaufland.de_ <http://www.kaufland.de/>_
> __http://www.spannende-it.de_ <http://www.spannende-it.de/>
> Wir sind die Nr. 1:
> Kaufland ist "Bester Lebensmittelmarkt 2011"!
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Kommanditgesellschaft
> Sitz: Neckarsulm
> Registergericht: Stuttgart HRA 104163
>
>
>
>
>
> Inactive hide details for Jules ---01.03.2012 12:22:00---Jules
> <Jules at zend.to>Jules ---01.03.2012 12:22:00---Jules
> _<Jules at zend.to>_ <mailto:Jules at zend.to>
> *Jules **_<Jules at zend.to>_* <mailto:Jules at zend.to>
> Gesendet von: _zendto-bounces at zend.to_
> <mailto:zendto-bounces at zend.to>
>
> 01.03.2012 12:18
>
> Bitte antworten an
> ZendTo Users _<zendto at zend.to>_ <mailto:zendto at zend.to>
>
>
>
> ZendTo Users _<zendto at zend.to>_ <mailto:zendto at zend.to>
>
> Thema
>
> [ZendTo] Re: Antwort: Re: Security Issue - Data Leakage
> Prevention
>
>
>
>
>
>
> On 01/03/2012 11:04, _patrick.gaikowski at kaufland.com_
> <mailto:patrick.gaikowski at kaufland.com> wrote:
>
> Hello Jules,
>
> yes i mean someone working for my company.
>
> My idea would be some kind of "blacklist" for email domains
> used in unregistered dropoff. Is there a possibility to
> implement it?
> I don't quite see why this is only a problem with "unregistered
> users", by which I guess you mean people from your own company who
> haven't logged in?
>
> People who have logged in will be able to do the same.
>
> Note that ZendTo does log the IP address a drop-off came from, so
> you would be able to see who had done it by looking through your logs.
>
> Why doesn't the user just copy it onto a USB stick that they have
> in their pocket? Surely that's simpler? Or upload it to any of the
> various free cloud storage services there are (such as Dropbox,
> Evernote, iCloud, SkyDrive, etc etc)?
>
> Jules.
>
>
> What other things can a do, not to prevent it completely, but
> decrease the possibility.
>
> Mit freundlichen Grüßen / Best regards
>
> Patrick Gaikowski
> Tel: +49 7132 94 3568
> Fax: +49 7132 94 73568
> E-Mail: _patrick.gaikowski at kaufland.com_
> <mailto:patrick.gaikowski at kaufland.com>
> KI 967850: IT International / IT Governance / Netzwerk Design
> und IT-Sicherheit
> Office:
> Lindichstrasse 11
> D-74189 Weinsberg
>
> _
> __
> __http://www.kaufland.de_ <http://www.kaufland.de/>_
> __http://www.spannende-it.de_ <http://www.spannende-it.de/>
> Wir sind die Nr. 1:
> Kaufland ist "Bester Lebensmittelmarkt 2011"!
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Kommanditgesellschaft
> Sitz: Neckarsulm
> Registergericht: Stuttgart HRA 104163
>
>
>
>
> Inactive hide details for Jules ---01.03.2012
> 10:28:39---Jules <Jules at zend.to>Jules ---01.03.2012
> 10:28:39---Jules _<Jules at zend.to>_ <mailto:Jules at zend.to>
> *Jules **_<Jules at zend.to>_* <mailto:Jules at zend.to>
> Gesendet von: _zendto-bounces at zend.to_
> <mailto:zendto-bounces at zend.to>
>
> 01.03.2012 10:25
>
>
>
> Bitte antworten an
> ZendTo Users _<zendto at zend.to>_ <mailto:zendto at zend.to>
>
>
>
> ZendTo Users _<zendto at zend.to>_ <mailto:zendto at zend.to>
>
> Thema
>
> [ZendTo] Re: Security Issue - Data Leakage Prevention
>
>
>
>
> By "unregistered user" do you mean someone who works for your
> company? If so, ZendTo won't stop them stealing files from
> your company. No-one can stop that unless you cavity search
> your employees at the end of each working day.
>
> Jules.
>
> On 29/02/2012 17:06, _patrick.gaikowski at kaufland.com_
> <mailto:patrick.gaikowski at kaufland.com> wrote:
>
> Hallo Jules,
>
> one of my colleagues pointed a scenario out where he could
> upload a file to outside the company without rights to do it.
>
> For us it is a big security issue!
>
> 1.) unregistered user clicks on Drop-Off and sends an
> email to his company email address
> 2.) unregistered user uploads a file from company network
> to his own company email address
> 3.) unregistered user forwards the upload information to
> his private email address from Mail Client
> 4.) unregistered user Picks up the file from his private PC
>
> My question is, if it is possible to exclude the company
> email domains, like defined in preferences.conf, from
> getting an upload link to corporate email without
> Authorization?
>
> Mit freundlichen Grüßen / Best regards
>
> Patrick Gaikowski
> Tel: +49 7132 94 3568
> Fax: +49 7132 94 73568
> E-Mail: _patrick.gaikowski at kaufland.com_
> <mailto:patrick.gaikowski at kaufland.com>
> KI 967850: IT International / IT Governance / Netzwerk
> Design und IT-Sicherheit
> Office:
> Lindichstrasse 11
> D-74189 Weinsberg_
> __
>
> __http://www.kaufland.de_ <http://www.kaufland.de/>_
> __http://www.spannende-it.de_ <http://www.spannende-it.de/>
> Wir sind die Nr. 1:
> Kaufland ist "Bester Lebensmittelmarkt 2011"!
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Kommanditgesellschaft
> Sitz: Neckarsulm
> Registergericht: Stuttgart HRA 104163
>
>
>
>
> _______________________________________________
> ZendTo mailing list_
> __ZendTo at zend.to_ <mailto:ZendTo at zend.to>_
> __http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
>
>
>
>
> Jules
>
> --
> Julian Field MEng CITP CEng_
> __www.Zend.To_ <http://www.zend.to/>
>
> Follow me at twitter.com/JulesFM
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
> 'It's okay to live without all the answers' - Charlie Eppes, 2011
> 'All programs have a desire to be useful' - Tron, 1982
> 'That is the land of lost content,
> I see it shining plain,
> The happy highways where I went,
> And cannot come again.' - A.E. Houseman
> _______________________________________________
> ZendTo mailing list_
> __ZendTo at zend.to_ <mailto:ZendTo at zend.to>_
> __http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
>
>
> _______________________________________________
> ZendTo mailing list_
> __ZendTo at zend.to_ <mailto:ZendTo at zend.to>_
> __http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
> Jules
>
> --
> Julian Field MEng CITP CEng_
> __www.Zend.To_ <http://www.zend.to/>
>
> Follow me at twitter.com/JulesFM
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
> 'It's okay to live without all the answers' - Charlie Eppes, 2011
> 'All programs have a desire to be useful' - Tron, 1982
> 'That is the land of lost content,
> I see it shining plain,
> The happy highways where I went,
> And cannot come again.' - A.E. Houseman
> _______________________________________________
> ZendTo mailing list_
> __ZendTo at zend.to_ <mailto:ZendTo at zend.to>_
> __http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
>
>
> _______________________________________________
> ZendTo mailing list
> _ZendTo at zend.to_ <mailto:ZendTo at zend.to>
> _http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
>
>
> Jules
>
> --
> Julian Field MEng CITP CEng
> _www.Zend.To_ <http://www.zend.to/>
>
> Follow me at twitter.com/JulesFM
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
> 'It's okay to live without all the answers' - Charlie Eppes, 2011
> 'All programs have a desire to be useful' - Tron, 1982
> 'That is the land of lost content,
> I see it shining plain,
> The happy highways where I went,
> And cannot come again.' - A.E. Houseman
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
Jules
--
Julian Field MEng CITP CEng
www.Zend.To
Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
I see it shining plain,
The happy highways where I went,
And cannot come again.' - A.E. Houseman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120301/d9a836c9/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120301/d9a836c9/attachment-0002.gif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 45 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120301/d9a836c9/attachment-0003.gif
More information about the ZendTo
mailing list