DropSmack: Using Dropbox to steal files and deliver malware

lxskllr

No Lifer
Nov 30, 2004
59,424
9,942
126
I thought this was interesting...

Jake and I felt it important to mention that Dropbox is by far the most secure of all file synchronization applications that Jake looked at. In fact, he uses Dropbox personally (at least he did before finding the issue).

I'd like to see a comparison of services from a privacy/security standpoint.
 

Oakenfold

Diamond Member
Feb 8, 2001
5,740
0
76
Interesting. Yet another reason to create that whitelist of apps and deny all others with no business justification.
 

KillerBee

Golden Member
Jul 2, 2010
1,750
82
91
Interesting. Yet another reason to create that whitelist of apps and deny all others with no business justification.

Whitelisting every app that can run - that's a lot to cover... what are the basics about attempting that?
 

Oakenfold

Diamond Member
Feb 8, 2001
5,740
0
76
Whitelisting every app that can run - that's a lot to cover... what are the basics about attempting that?

You are right, it is a lot to cover. But if you don't do it, how do you know that what's running is authorized to run on your network? This will also help in s/w licensing audits.

There are multiple pieces involved in this project. Starting out with the basics, look at your perimeter firewall: what do you allow through it from an application standpoint?

Do you have a list of software that is allowed to run? Bounce that off any channels allowed from an application standpoint in your firewall. Is there an opportunity for closing down channels that are not used by your organization?

Getting upper management buy-in is going to be key; without it you are fighting an uphill battle.

I'd recommend you take a look at the SANS top 20 critical controls,
http://www.sans.org/critical-security-controls/


Specifically relating to this control objective is Critical Control 2, Inventory of Authorized and Unauthorized Software.

http://www.sans.org/critical-security-controls/control.php?id=2

This doesn't happen overnight, but this is a good control to start on!

Some others that have been there, done that may be able to chime in on this project... would like to hear their thoughts as well.

p.s. You could also look at NIST 800-53 Recommended Security Controls, but to be honest, just looking at the implementation of the process is overwhelming. Look at the SANS document first unless you have a compliance reason to stick with 800-53.
 
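As an added example (not code from this thread, from SANS, or from NIST), here is a small Python reconciliation of what is actually present on a host against an allow-list, which is the mechanical core of the "inventory of authorized and unauthorized software" control described above: hash every file under a root, then classify each one as authorized, tampered (an approved name whose hash no longer matches), or unauthorized, and also report approved software that is missing. The allow-list format (file name to SHA-256) and the file names used in the demo are constructed assumptions, not anything the post or SANS specifies.

```python
"""Reconcile a host's software inventory against an allow-list.

Added illustrative example. The allow-list format (name -> SHA-256 hex
digest) and the sample files below are assumptions made for this demo.
"""
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large binaries do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def inventory(root: Path) -> dict[str, str]:
    """Walk root and return {relative POSIX path: sha256} for every regular file."""
    found: dict[str, str] = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            if p.is_file():
                found[p.relative_to(root).as_posix()] = sha256_of(p)
    return found


def reconcile(found: dict[str, str], allowed: dict[str, str]) -> dict[str, list[str]]:
    """Classify an inventory against the allow-list.

    authorized   - present, name and hash both match the allow-list
    tampered     - present under an approved name, but the hash differs
    unauthorized - present, but not on the allow-list at all
    missing      - on the allow-list, but not found on the host
    """
    authorized, tampered, unauthorized = [], [], []
    for name, digest in sorted(found.items()):
        if name not in allowed:
            unauthorized.append(name)
        elif allowed[name] == digest:
            authorized.append(name)
        else:
            tampered.append(name)
    missing = sorted(set(allowed) - set(found))
    return {
        "authorized": authorized,
        "tampered": tampered,
        "unauthorized": unauthorized,
        "missing": missing,
    }


def demo() -> dict[str, list[str]]:
    """Build a constructed host image in a temp dir and reconcile it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample files standing in for installed binaries.
        (root / "approved.exe").write_bytes(b"approved build\n")
        (root / "patched.exe").write_bytes(b"approved tool, but modified\n")
        (root / "dropbox.exe").write_bytes(b"not on the list\n")

        # Constructed allow-list; a real one would come from a signed,
        # centrally managed source rather than be built on the host.
        allowed = {
            "approved.exe": sha256_of(root / "approved.exe"),
            "patched.exe": hashlib.sha256(b"original tool\n").hexdigest(),
            "retired.exe": hashlib.sha256(b"gone\n").hexdigest(),
        }
        return reconcile(inventory(root), allowed)


if __name__ == "__main__":
    for bucket, names in demo().items():
        print(f"{bucket:12s} {names}")
```

Hashing rather than trusting file names is the point: a renamed or modified binary lands in "tampered" or "unauthorized" instead of passing on the strength of a familiar name. Running the same reconcile over a fleet and diffing the "unauthorized" bucket over time is a workable first version of the inventory the post asks for, and the "missing" bucket doubles as a licensing and baseline check.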

KillerBee

Golden Member
Jul 2, 2010
1,750
82
91
Thanks Oakenfold - Yes, I do remember having to read through all the NASA SP-800.xx and FISMA docs... talk about govt red paper at its finest - lol
 