HTTP File upload/post Blocking

pts.
Tags:
Access control
Application security
backdoors
Browsers
Current threats
Database
Encryption
filtering
Firewalls
Forensics
Hacking
human factors
Incident response
Instant Messaging
Intrusion management
Microsoft Exchange
Network protocols
Network security
Networking
Secure Coding
Security
Servers
Spyware
SSL/TLS
TCP
Trojans
Viruses
VPN
Web security
Wireless
worms
In this ever expanding world of network security I am seeking a software or appliance to block HTTP file uploads or post. The problem in a nutshell is I cannot block all of the HTML based Email providers. I also cannot block all of the web sites that support HTTP file posting. I am seeking a solution that will at some level stop all documents personal or private from being simply attached to a hotmail email or posted to a web server. Best case would be that people could still access their email but when they upload a document the encoded information would never reach its destination. I would think there should be more out there to cover this. Most organizations I would believe could fall pray to an unhappy employee simply posting sensitive documents to an HTML based email and sending it where ever they want. Any suggestions?

Answer Wiki

Thanks. We'll let you know when a new response is added.

The answer is complex.
You can use checkpoint NGX firewall with web intellegence license and block attachments by not allowing the POST method.You can also use the microsoft RMS product and specify strict controls over sensetive files – that will prevent users from send those files via email.
You can also install controlguard on you workstations and laptops and prevent users from connecting USB disk-on-key and GPRS modems.http://www.controlguard.com

Good Luck!
aner sagi
CISSP

Discuss This Question: 4  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Rfergus28
    Thank you for your suggestions. I alreay lock down the Network pretty tight. We have the users on a tight, tight leash. We have gone to many Great lengths to block USB's Floppies, and CDRom Writers. Cameras are not alowed and MP3's are forbiden and we get alerts if people hook up related equiptment. Very Locked down. But unfortunatly we can not just block Hotmail and the like. And even if we did we can not block them all, there is going to be one that we did not even know existed. So we wanted to get the snake at the head so to speak.
    0 pointsBadges:
    report
  • Jheadley
    There is a company in California called Reconnex that has a product that can look at Hotmail type traffic for sensitive data. I think it can also look at zipped files. A friend works for them and what based on what he has told me their products probably will address your needs. I think their web site is reconnex.net
    10 pointsBadges:
    report
  • Rfergus28
    Thanks for all your information. I have checked out http://reconnex.net/products/iguard.asp . It look promising. However I hope the industry gets more vigiliant about this kind of threat in the future.
    0 pointsBadges:
    report
  • Baes64
    Microsoft ISA Server 2004 has application layer inspection for HTTP protocol allowing filtering by methods, extensions, headers (server and via) and signatures (keywords searched in request URL, header or body).
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following