This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Blocking and Reporting Data on Cyber Bullying and Victims

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Blocking and Reporting Data on Cyber Bullying and Victims

kalyanram.piratla
L4 Transporter

‎10-29-2012 11:05 AM

Any way I can use PAN firewalls to stop cyber bullying and then generate a report on individuals trying to bully and who were the victims?

For Ex:  Access to facebook is granted (facebook file-sharing, posting, chatting etc) but when the individual tries to bully another individual using slang language (keywords), PAN firewall should prevent it (block).  Can Data Filtering be used for such purposes?

Many Thanks

K

0 Likes Likes
2 REPLIES 2

mikand
L6 Presenter

‎10-29-2012 11:59 PM

The problem is to trigger the bully vs. victim part - what is a bully text or for that matter which text will someone identify as being a victim?

Just because someone in a message writes "you are an idiot" doesnt necessary means that bullying is in progress. In this case the full sentence is perhaps "Mr X said to Mr Y: -you are an idiot, sir!" which I think most people wouldnt recognise as being bully.

But with that being said I think you should be able to use the DLP feature in PA set to alert mode.

Create signatures which acts on facebook-chat and the other appid's you are interrested in and then create a db of words/sentences to search for.

Given that you use SSL-termination in your PA and the traffic isnt encoded in some odd way you should be able to get a report from the above (with a HUGE disclaimer that this report only acts on words/sentences alone and not the meaning of words/senctences).

kalyanram.piratla
L4 Transporter

‎10-30-2012 09:35 AM

Using the Data Filtering Profile isn't helping me..or I am might have messed up the configuration somewhere.

I create a Data Pattern by setting the Regex to "test" with the weight set to 1.  Then create a Data Filtering Profile, Add the Data pattern configured, set the applications to facebook-posting and facebook-chat and set the Alert and Block Threshold to 1.

I then configure a security rule and add the Data Filtering profile and set the URL categories to Alert.

I then log onto facebook using http (not https to avoid ssl) and posted "test".  I don't see this blocking / stopping me on doing this and I don't even expect to be blocked as I did not set anything anywhere that blocks anything related to this process.

What am I missing?  Any ideas or guidance will be helpful.Smiley Happy

Cheers...

K

0 Likes Likes
  • 1597 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks