Bypassing Vontu

[NSweaney at tulsacash.com (Nathan Sweaney)]

No experience, but here's a few tactics to try.

* Boot to a live disk & copy files to USB.
* encrypt data with truecrypt before sending it out.
* Open data in your text editor & replace a few common characters with a symbol so that the data is somewhat garbled.
* upload data to a site using SSL encryption.
* Open data on screen & take pictures with your phone.
* Copy data in the notes section of your email contacts & then access from outside.
* paste data into an email & then save as a draft (but don't send.) then open draft from outside.
* print data to pdf & send out.
* open data on screen, take screen shots, and then email the screenshots.
* sync your phone with the computer & try to copy out.  (not as a drive, as a synced folder on the phone).



-----Original Message-----
From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Monkey 
Daemon
Sent: Thursday, October 22, 2009 10:45 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] Bypassing Vontu

2009/10/22 Brian Schultz <theconqueror at gmail.com>:
> Our security department is testing out Symantec's Vontu and I am playing the
> guinea pig and?have to try and get documents out of our company's
> environment. I have a really basic understanding of how it works. It has a
> span port sitting and listening to all outgoing web traffic and there is
> also an agent that sits on desktops and watches to see if any sensitive
> information leaves via USB drive or e-mail.
>
> Does anyone have any whitepapers or?info regarding how it actually works or
> any tactics I should try?

Switch off the box, open the case and walk out with the disk in your
briefcase/laptop bag?

MWD
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com