[ZendTo] Patrick - Data Leakage Prevention
patrick.gaikowski at kaufland.com
Sat Mar 3 08:54:48 GMT 2012
Hi Jules,
my aim is to prevent drop-offs within my company domains if the user
cannot log in (has no rights to log in).
From outside my company a drop-off should be possible without rights,
because external partners should be able to upload files to employees of my
company.
I found a quick workaround with my existing mod_security module in Apache.
If a user is not authorized, he has no cookie assigned. This circumstance,
in combination with source address and filename (verify.php), I can use to
distinguish an authorized user from a non-authorized user. In case of a
match, the user is redirected to an error page.
This is only a quick workaround and only security by obscurity.
The best would be an identification of employees in the case of non-authorized
drop-offs (user is not logged in) --> combination of localSubnet +
DomainBlacklisting (kaufland.xx)
If the employee has the right to upload files to the outside world, the
identification should not match.
Mit freundlichen Grüßen / Best regards
Patrick Gaikowski
Tel: +49 7132 94 3568
Fax: +49 7132 94 73568
E-Mail: patrick.gaikowski at kaufland.com
KI 967850: IT International / IT Governance / Network Design and
IT Security
Office:
Lindichstrasse 11
D-74189 Weinsberg
http://www.kaufland.de
http://www.spannende-it.de
We are No. 1:
Kaufland is "Best Grocery Store 2011"!
Kaufland Informationssysteme GmbH & Co. KG
P.O. Box 12 53 - 74149 Neckarsulm
Limited partnership (Kommanditgesellschaft)
Registered office: Neckarsulm
Register court: Stuttgart HRA 104163
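
The workaround described in the message above, sketched as a ModSecurity 2.x chained rule. This is an added example, not the rule from the original post; the internal subnet, the cookie name `zendto-session`, the rule id and the error-page URL are assumed placeholders.

```apache
# Added example, not the poster's configuration.
# Constructed values: subnet, cookie name, rule id and error-page URL.
SecRuleEngine On

# All three conditions must match (a chain is a logical AND):
#   1. the request targets verify.php, the file named in the message
#   2. the client address lies inside the company network
#   3. no session cookie was sent, i.e. the user has not logged in
# The disruptive action (redirect) is declared on the first rule of the
# chain and only fires when every chained rule matches.
SecRule REQUEST_FILENAME "@endsWith /verify.php" \
    "id:1000101,phase:1,t:none,log,\
    msg:'Drop-off without login from internal network',\
    redirect:https://zendto.example.com/dropoff-denied.html,chain"
    SecRule REMOTE_ADDR "@ipMatch 10.0.0.0/8" "chain"
        SecRule &REQUEST_COOKIES:zendto-session "@eq 0" "t:none"

# Limits of this check:
#   - &REQUEST_COOKIES:name counts cookies with that name; it only tests
#     presence, not whether the session behind the cookie is valid.
#   - Behind a reverse proxy REMOTE_ADDR is the proxy's address, so the
#     subnet test has to run where the real client address is visible.
#   - External senders (outside 10.0.0.0/8) never match condition 2 and
#     can still drop off files without logging in.
```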