PaulDotCom mailing list archives
Bypassing Vontu
From: pj_mcgarvey at hotmail.com (PJ McGarvey)
Date: Thu, 22 Oct 2009 13:50:37 -0400
XOR it *twice* ;-)
Date: Thu, 22 Oct 2009 11:41:59 -0500 From: NSweaney at tulsacash.com To: pauldotcom at mail.pauldotcom.com Subject: Re: [Pauldotcom] Bypassing Vontu No experience, but here's a few tactics to try. * Boot to a live disk & copy files to USB. * encrypt data with truecrypt before sending it out. * Open data in your text editor & replace a few common characters with a symbol so that the data is somewhat garbled. * upload data to a site using SSL encryption. * Open data on screen & take pictures with your phone. * Copy data in the notes section of your email contacts & then access from outside. * paste data into an email & then save as a draft (but don't send.) then open draft from outside. * print data to pdf & send out. * open data on screen, take screen shots, and then email the screenshots. * sync your phone with the computer & try to copy out. (not as a drive, as a synced folder on the phone). -----Original Message----- From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Monkey Daemon Sent: Thursday, October 22, 2009 10:45 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Bypassing Vontu 2009/10/22 Brian Schultz <theconqueror at gmail.com>:Our security department is testing out Symantec's Vontu and I am playing the guinea pig and have to try and get documents out of our company's environment. I have a really basic understanding of how it works. It has a span port sitting and listening to all outgoing web traffic and there is also an agent that sits on desktops and watches to see if any sensitive information leaves via USB drive or e-mail. Does anyone have any whitepapers or info regarding how it actually works or any tactics I should try?Switch off the box, open the case and walk out with the disk in your briefcase/laptop bag? MWD
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091022/b29a2c09/attachment.htm
Current thread:
- Bypassing Vontu Brian Schultz (Oct 22)
- Bypassing Vontu Monkey Daemon (Oct 22)
- Bypassing Vontu James Costello (Oct 22)
- Bypassing Vontu Michael Boyd (Oct 22)
- Bypassing Vontu Jason Jones (Oct 22)
- Bypassing Vontu Dan Baxter (Oct 22)
- Bypassing Vontu Nathan Sweaney (Oct 22)
- Bypassing Vontu PJ McGarvey (Oct 22)
- Bypassing Vontu Michael Dickey (Oct 22)
- Bypassing Vontu Robin Wood (Oct 22)
- Bypassing Vontu Chris Merkel (Oct 22)
- Bypassing Vontu Jim Halfpenny (Oct 22)
- Bypassing Vontu Ron Gula (Oct 22)
- Bypassing Vontu Raffi Jamgotchian (Oct 22)
- Bypassing Vontu Allen Deryke (Oct 22)
- Bypassing Vontu John Strand (Oct 22)
- Bypassing Vontu xgermx (Oct 22)
- Bypassing Vontu Chris Merkel (Oct 22)
(Thread continues...)
- Bypassing Vontu Monkey Daemon (Oct 22)