HTTP File upload/post Blocking
Access control, Application security, backdoors, Browsers, Current threats, Database, Encryption, Exchange, filtering, Firewalls, Forensics, Hacking, human factors, Incident response, Instant Messaging, Intrusion management, Network protocols, Network security, Networking, Secure Coding, Security, Servers, Spyware, SSL/TLS, TCP, Trojans, Viruses, VPN, Web security, Wireless, worms
In this ever expanding world of network security I am seeking a software or appliance to block HTTP file uploads or post. The problem in a nutshell is I cannot block all of the HTML based Email providers. I also cannot block all of the web sites that support HTTP file posting.
I am seeking a solution that will at some level stop all documents personal or private from being simply attached to a hotmail email or posted to a web server. Best case would be that people could still access their email but when they upload a document the encoded information would never reach its destination.
I would think there should be more out there to cover this. Most organizations I would believe could fall pray to an unhappy employee simply posting sensitive documents to an HTML based email and sending it where ever they want.
Any suggestions?
Software/Hardware used:
Software/Hardware used:
ASKED:
October 13, 2005 10:34 AM
UPDATED:
October 17, 2005 4:05 PM
Answer Wiki:
The answer is complex.
You can use checkpoint NGX firewall with web intellegence license and block attachments by not allowing the POST method.You can also use the microsoft RMS product and specify strict controls over sensetive files - that will prevent users from send those files via email.
You can also install controlguard on you workstations and laptops and prevent users from connecting USB disk-on-key and GPRS modems.http://www.controlguard.com
Good Luck!
aner sagi
CISSP
To see all answers submitted to the Answer Wiki: View Answer History.
Thank you for your suggestions. I alreay lock down the Network pretty tight. We have the users on a tight, tight leash. We have gone to many Great lengths to block USB’s Floppies, and CDRom Writers. Cameras are not alowed and MP3′s are forbiden and we get alerts if people hook up related equiptment. Very Locked down. But unfortunatly we can not just block Hotmail and the like. And even if we did we can not block them all, there is going to be one that we did not even know existed. So we wanted to get the snake at the head so to speak.
There is a company in California called Reconnex that has a product that can look at Hotmail type traffic for sensitive data. I think it can also look at zipped files. A friend works for them and what based on what he has told me their products probably will address your needs. I think their web site is reconnex.net
Thanks for all your information. I have checked out http://reconnex.net/products/iguard.asp . It look promising. However I hope the industry gets more vigiliant about this kind of threat in the future.
Microsoft ISA Server 2004 has application layer inspection for HTTP protocol allowing filtering by methods, extensions, headers (server and via) and signatures (keywords searched in request URL, header or body).