Brian Schultz wrote:
> Our security department is testing out Symantec's Vontu and I am playing
> the guinea pig and have to try and get documents out of our company's
> environment. I have a really basic understanding of how it works. It has
> a span port sitting and listening to all outgoing web traffic and there
> is also an agent that sits on desktops and watches to see if any
> sensitive information leaves via USB drive or e-mail.
>
> Does anyone have any whitepapers or info regarding how it actually works
> or any tactics I should try?
>

Keep in mind the general consensus on DLP is that they stop/detect
"simple" leakage, which can be a real threat if you have uneducated
users who are doing things like emailing customer lists to their
hotmail account.

However, to show that this indeed can be bypassed:

Try to send some attachments that are:

- zipped and password protected
- PDFs with a password
- screen shots of spreadsheets, docs, etc.
- PGP an attachment (use AxCrypt, or any other "free" crypt tool)

Also try sending an attachment/email:

- to gmail
- to hotmail
- post a doc to facebook
- send it via IM to a buddy using an encrypted client
- if you have comcast or timewarner, most email is encrypted over SSL/TLS

I'm sure there are lots more ideas out here.

--
Ron Gula, CEO
Tenable Network Security
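
Added example, not part of the original message and not Vontu's own logic: a triage check a defender could run on outbound attachments to flag the file types listed above that content inspection cannot read, so they can be held for review instead of passing silently. The function names, the verdict strings, the sample bytes and the /Encrypt test for PDFs are assumptions made for illustration.

```python
import io
import zipfile

PGP_ARMOR = b"-----BEGIN PGP MESSAGE-----"
IMAGE_MAGIC = (b"\x89PNG\r\n\x1a\n", b"\xff\xd8\xff")  # PNG, JPEG

def classify(data: bytes) -> str:
    """Say why content inspection cannot read an attachment, or 'inspectable'."""
    if data.startswith(b"PK\x03\x04"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                # Bit 0 of a member's general-purpose flags means "encrypted".
                if any(m.flag_bits & 0x1 for m in zf.infolist()):
                    return "encrypted-zip"
        except zipfile.BadZipFile:
            return "unreadable-zip"
        return "inspectable"
    if data.startswith(b"%PDF-"):
        # Heuristic (assumption): encrypted PDFs reference an /Encrypt dictionary.
        return "encrypted-pdf" if b"/Encrypt" in data else "inspectable"
    if PGP_ARMOR in data[:256]:
        return "pgp-armored"
    if data.startswith(IMAGE_MAGIC):
        return "image-needs-ocr"  # text in a screenshot is invisible to keyword rules
    return "inspectable"

def constructed_zip(encrypted: bool) -> bytes:
    """Constructed sample: a one-file ZIP, optionally with the encrypted bit set."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("customers.csv", "name,email\n")
    raw = bytearray(buf.getvalue())
    if encrypted:
        raw[6] |= 0x1                             # flags in the local file header
        raw[raw.index(b"PK\x01\x02") + 8] |= 0x1  # flags in the central directory
    return bytes(raw)

# Constructed attachments, one per file type named in the message above.
SAMPLES = {
    "list.zip": constructed_zip(False),
    "list-locked.zip": constructed_zip(True),
    "report.pdf": b"%PDF-1.4\ntrailer\n<< /Root 1 0 R /Encrypt 5 0 R >>\n%%EOF\n",
    "list.asc": PGP_ARMOR + b"\n\n(constructed)\n-----END PGP MESSAGE-----\n",
    "sheet.png": IMAGE_MAGIC[0] + b"(constructed)",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:16} {classify(data)}")
```

Any verdict other than "inspectable" marks an attachment the keyword or fingerprint rules never saw, which is the event worth logging.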
