[ZendTo] Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Security Issue - Data Leakage Prevention

Jules Jules at Zend.To
Fri Mar 2 09:08:03 GMT 2012 

So if the user has not logged in, you don't want to allow drop-offs from 
localIPSubnets?
If the user has logged in, or they aren't sending a drop-off from 
localIPSubnets, then allow that.

So all you are actually wanting to do is force people connecting from 
localIPSubnets to log in, before they can send a drop-off.

I think I'm starting to understand. I'm having a bit of difficulty 
understanding your English, but I appreciate that's not your fault! Your 
English is infinitely better than my German. :-))

Jules.

On 02/03/2012 08:39, patrick.gaikowski at kaufland.com wrote:
>
> Hi Jules,
>
> i think we can stop that conversation. You are not willing to 
> understand me!
>
> I don't want to prevent anonymous login from outside. I want only 
> prevent sending Verification to xxx at kaufland.xx if the user (some 
> employee from my company without authorization) tries to bypass the 
> authorization.
> Sending Verification to *all *other domains should be possible.
>
> Mit freundlichen Grüßen / Best regards
>
> Patrick Gaikowski
> Tel:     +49 7132 94 3568
> Fax:    +49 7132 94 73568
> E-Mail: patrick.gaikowski at kaufland.com
> KI 967850: IT International / IT Governance / Netzwerk Design und 
> IT-Sicherheit
> Office:
> Lindichstrasse 11
> D-74189 Weinsberg
>
>
>
> http://www.kaufland.de
> http://www.spannende-it.de
> Wir sind die Nr. 1:
> Kaufland ist "Bester Lebensmittelmarkt 2011"!
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Kommanditgesellschaft
> Sitz: Neckarsulm
> Registergericht: Stuttgart HRA 104163
>
>
>
>
>
>     Inactive hide details for Jules ---02.03.2012 09:35:32---Jules
>     <Jules at zend.to>Jules ---02.03.2012 09:35:32---Jules <Jules at zend.to> 
>
>     *Jules <Jules at zend.to>*
>     Gesendet von: zendto-bounces at zend.to
>
>     02.03.2012 09:32
>         Bitte antworten an
>         ZendTo Users <zendto at zend.to> 
>
> 	
>
> 	
> ZendTo Users <zendto at zend.to>
>
> 	
>
> Thema
> 	
> [ZendTo] Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: 
> Security Issue - Data Leakage Prevention
>
> 	
>
>
> But half the point of ZendTo is that anonymous users *can* create 
> drop-offs. Otherwise how do people outside your organisation send 
> files to you?
>
> On 01/03/2012 16:47, Joerg Streibhardt wrote:
>
>
>     Hello everyone
>
>     it appears this may be a use case for a part of my initial patch
>     submitted for SQLite 3. If the new function is enabled it would
>     not be possible for an anonymous user to create a dropoff at all.
>     Registered users on the other hand are able to send files and
>     request others to send files to them.
>
>     Let me know if this is an option for you.
>
>     Cheers
>     Jörg
>
>
>
>     _______________________________________________
>     ZendTo mailing list
>     _ZendTo at zend.to_ <mailto:ZendTo at zend.to>
>     _http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
>
>
> Jules
>
> -- 
> Julian Field MEng CITP CEng
> _www.Zend.To_ <http://www.zend.to/>
>
> Follow me at twitter.com/JulesFM
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
> 'It's okay to live without all the answers' - Charlie Eppes, 2011
> 'All programs have a desire to be useful' - Tron, 1982
> 'That is the land of lost content,
> I see it shining plain,
> The happy highways where I went,
> And cannot come again.' - A.E. Houseman
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

Jules

-- 
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
  I see it shining plain,
  The happy highways where I went,
  And cannot come again.' - A.E. Houseman

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4fcd87b4/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4fcd87b4/attachment.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 45 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4fcd87b4/attachment-0001.gif

More information about the ZendTo mailing list