Preventing credit card numbers from escaping your network




The following recipe describes how to configure your FortiGate to use DLP (Data Loss Prevention) so that credit card numbers cannot be sent out of your network using FTP, SMTP email, or by posting to a webpage.

Consumer transactions over the Internet are based upon the idea that the consumer trusts the vendor not to allow their credit card number into the possession of any unintended persons. If you deal with anyone's credit cards you may be legally responsible for their security. Having the firewall prevent their loss through digital channels may give both you and your customers some added peace of mind.

1. Obtaining credit card numbers for testing
2. Creating the DLP profile
3. Configuring the Proxy Options
4. Configuring the firewall policy
5. Results

[Diagram: Credit Card Numbers; Protocols (SMTP, FTP, HTTP); Fortinet DLP; Internet; Other Data]

Obtaining credit card numbers for testing

In order to test the validity of the profile you will need to use a credit card number in the traffic. A test number (will not work for purchasing) can be obtained from one of these pages:

http://www.paypalobjects.com/en_us/vhelp/paypalmanager_help/credit_card_numbers.htm
http://www.crazysquirrel.com/finance/testcc.jspx
http://www.getcreditcardnumbers.com/

Create a text file that contains some of these sample credit card numbers.

Creating the DLP Profile

Creating the Sensor

Go to Security Profiles > Data Leak Prevention > Sensors.

Create a new profile by selecting either the Create New icon or the View List icon. If you use the View List option, you will then need to select the Create New option from the menu bar in the next window. Once the New Sensor window is open, type the name you want for the profile into the Name field.

Creating Filters

Use the Create New option to create new individual filters. For the first filter, choose the Messages filter type, set it to messages Containing Credit Card #, select the services you wish to examine, and set Action to Block.

For the second filter, choose the Files filter type, set it to messages Containing Credit Card #, select the services you wish to examine, and set Action to Block. In this case we are going to choose both HTTP-POST and HTTP-GET. This will prevent not only the posting of credit card information to a web page, but the downloading of it as well.

Check the listing of the filters in the sensor to make sure that the correct protocols are selected and the action in each is set to Block.

Configuring the Proxy Options

Protocols don't always use the standard ports, so proxy options will be configured to scan any port that is carrying traffic from the targeted protocol.

Go to Policy > Policy > Proxy Options. Create a new Proxy Option profile. In the Protocol Port Mapping section change the inspection ports from Specify to Any for the protocols HTTP, SMTP, and FTP. In the other option areas, select options that match up with the normal settings used by your organization.

Configuring the Firewall Policy

Go to Policy > Policy > Policy. As this policy is designed to prevent specific information from leaving the network, the direction of the policy is from the internal interface, in this case LAN, to the external interface, wan1.

In the Security Profiles section, enable the DLP Sensor and choose the sensor created for blocking the credit card numbers as well as the appropriate Proxy Option profile. You can also include the use of SSL/SSH Inspection if you have that configured to your satisfaction. This will help prevent loss of data through SSL connections.

Results

Testing SMTP

Using your favorite email client, send a control email to an email server on the other side of the FortiGate unit to verify everything is working. Then try sending two emails: one with the credit card numbers in the body of the email message and one with the text document as an attachment. The control email makes it through, but the emails with the credit card information are not received at their destination.

Go to Log & Report > Traffic Log > Forward Traffic. You should be able to find log entries showing that the traffic was blocked. The logs even state that the reason they were considered threats had to do with credit-card information. Because secure SMTP may not use port 25, don't filter too narrowly when searching the logs. Also, depending on your logging configuration, the logs may not show up in real time.

Testing FTP

Using your preferred FTP client, upload a control file that shouldn't be stopped to an FTP server on the other side of the FortiGate unit. To be as generic as possible, this example uses the command line.

    ftp ftp.example.com 1121
    Connected to ftp.example.com.
    220 (vsftpd 2.3.5)
    Name (ftp.example.com:): talesian
    331 Please specify the password.
    Password:
    230 Login successful.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls
    229 Entering Extended Passive Mode ( 61875 ).
    150 Here comes the directory listing.
    <Various files and directories>
    226 Directory send OK.
    ftp> put /<path to file's directory>/dlp_test_file.doc DLP_test_file.doc
    local: /<path to file's directory>/dlp_test_file.doc remote: DLP_test_file.doc
    229 Entering Extended Passive Mode ( 61874 ).
    150 Ok to send data.
    100% ******************************************************************** 27136 580.79 KiB/s 00:00 ETA
    226 Transfer complete.
    27136 bytes sent in 00:00 (130.76 KiB/s)
    ftp>

Once you have verified that your FTP session is working properly, try to upload the text file with the credit card numbers to the FTP server. Using the command line, everything progresses the same as the previous example until after the put command has been entered. At this point there is a delay while the client tries to upload the file. After a number of attempts the client gives up. GUI FTP clients will show that they cannot proceed past the queueing process. Depending on the client, the connection to the FTP server will time out waiting for the upload to occur.

    229 Entering Extended Passive Mode ( 61879 ).
    Abort trap: 6
    <local system prompt>$

Testing HTTP

HTTP can be tested in two directions: posting a credit card number and getting a credit card number. Try visiting one of the sites that you received the test credit card number from. You will receive a replacement message about the transfer.

To test posting a credit card number, go to a site on the far side of the firewall that you can edit. In this example, a wiki test page was started on a remote site and the test credit card numbers were entered into the page. They were allowed onto the editing screen because that was on the local computer's browser. The content is not actually sent over the network until the Save page button is selected. At this point a warning message is displayed to indicate that the transfer appeared to contain a data leak.
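
Before running the SMTP, FTP and HTTP tests, it helps to confirm that the test file really contains well-formed card numbers and that the control file contains none, so that a pass or a block can be attributed to the sensor. The following is an added example, not part of the original recipe and not FortiGate's detection logic: it applies a generic digit-pattern and Luhn checksum check, and the function names and sample file contents are constructed for illustration.

```python
import re

# Candidate card numbers: 13-19 digits, optionally grouped by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_valid(digits: str) -> bool:
    """Return True if the digit string passes the Luhn check used by payment cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_card_numbers(text: str) -> list[str]:
    """Return digits-only candidates in text that pass the Luhn check."""
    hits = []
    for m in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        # Skip filler such as 0000 0000 0000 0000, which is Luhn-valid but not a card.
        if len(set(digits)) > 1 and luhn_valid(digits):
            hits.append(digits)
    return hits

def check_fixtures(control: str, leak: str) -> dict:
    """Summarise whether the two test files are fit for the tests in this recipe."""
    return {
        "control_clean": not find_card_numbers(control),
        "leak_numbers": find_card_numbers(leak),
    }

# Constructed sample content. 4111 1111 1111 1111 and 5555555555554444 are widely
# published test numbers; 4111111111111112 has a deliberately wrong check digit.
CONTROL_TEXT = "Quarterly report, order ref 20140312-0001, phone 555 0100.\n"
LEAK_TEXT = (
    "Visa: 4111 1111 1111 1111\n"
    "MasterCard: 5555555555554444\n"
    "Typo: 4111111111111112\n"
)

if __name__ == "__main__":
    print(check_fixtures(CONTROL_TEXT, LEAK_TEXT))
```

If `leak_numbers` comes back empty, the test file would not be a meaningful input for the sensor; if `control_clean` is false, a blocked control transfer does not indicate a misconfiguration.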