PaulDotCom mailing list archives

Bypassing Vontu

From: strandjs at gmail.com (John Strand)
Date: Fri, 23 Oct 2009 07:07:04 +0900

Or you could have fun breaking it into 1000 little pieces.

Steel post security.

John

On Fri, Oct 23, 2009 at 6:34 AM, <johnemiller at gmail.com> wrote:

I am notoriously bad at picking up on sarcasm over email, especially
lacking the appropriate <sarcasm> tag, but are you seriously suggesting
tailoring the testing to only highlight the features that you know work? I
can understand wanting to demonstrate what would get caught, but the real
value of testing this system is to find out where the weakness exist so that
appropriate controls can be added to reduce those risks. The testing
methodology should be expansive enough to use as education for the idiots.


On Oct 22, 2009 2:14pm, Chris Merkel <cmerkel at gmail.com> wrote:

I agree with Ron - DLP is an "idiot screen" and is useful for little

more. Therefore, your testing methodology should be to emulate idiots

and nothing more. (and educate any idiot who thinks it will solve your

leakage issues.)







On 10/22/09, xgermx xgermx at gmail.com> wrote:

Create a small TrueCrypt container, copy sensitive files to container,

copy

container to usb or email container.

On Thu, Oct 22, 2009 at 10:38 AM, Brian Schultz

theconqueror at gmail.com>wrote:

Our security department is testing out Symantec's Vontu and I am

playing

the guinea pig and have to try and get documents out of our company's

environment. I have a really basic understanding of how it works. It

has a

span port sitting and listening to all outgoing web traffic and there

is

also an agent that sits on desktops and watches to see if any

sensitive

information leaves via USB drive or e-mail.

Does anyone have any whitepapers or info regarding how it actually

works

or

any tactics I should try?

_______________________________________________

Pauldotcom mailing list

Pauldotcom at mail.pauldotcom.com

http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom

Main Web Site: http://pauldotcom.com




--

Sent from my mobile device



- Chris Merkel

_______________________________________________

Pauldotcom mailing list

Pauldotcom at mail.pauldotcom.com

http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom

Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091023/38655519/attachment.htm

Current thread:

Bypassing Vontu, (continued)
- Bypassing Vontu Robin Wood (Oct 22)
- Bypassing Vontu Chris Merkel (Oct 22)
- Bypassing Vontu Jim Halfpenny (Oct 22)
- Bypassing Vontu Ron Gula (Oct 22)
- Bypassing Vontu Raffi Jamgotchian (Oct 22)
- Bypassing Vontu Allen Deryke (Oct 22)
  - Bypassing Vontu John Strand (Oct 22)
- Bypassing Vontu xgermx (Oct 22)
  - Bypassing Vontu Chris Merkel (Oct 22)
    - Bypassing Vontu johnemiller at gmail.com (Oct 22)
    - Bypassing Vontu John Strand (Oct 22)
    - Bypassing Vontu Chris Merkel (Oct 22)
    - Bypassing Vontu Justin Andrusk (Oct 22)
  - Bypassing Vontu Dan McGinn-Combs (Oct 22)
- Bypassing Vontu allen.deryke at hushmail.com (Oct 22)
  - Bypassing Vontu Duncan Alderson (Oct 23)
    - Bypassing Vontu Shawn Bernard (Oct 23)
    - Bypassing Vontu Ron Gula (Oct 23)
    - Bypassing Vontu Shane Kelly (Oct 24)