About depps

depps · ‎01-08-2021

I dont suppose you can share how you have configure Graylog to push / post back into Minemeld? This the exact thing I'm trying to do now.

depps · ‎07-04-2019

?n=50000 will use the newest in the list first? The issue with that is we have multiple EDL's so I cant just use a single filter. i.e. https://<minemeld>/feeds/<feedname1>?n=20000 https://<minemeld>/feeds/<feedname2>?n=20000 https://<minemeld>/feeds/<feedname3>?n=10000

depps · ‎07-02-2019

How would one filter the OTX reputation database so only objects see more than 5 days ago are removed? I have tried to edit the miner with age out config below however im not convinced thats the right place to do it. Failing that what are people doing to import from OTX as the default list is in excess of 50k and above the EDL limits on some kit. default: first_seen+5d interval: 1800 sudden_death: true

depps · ‎08-07-2014

Happens in both IE and Chrome - something to do with the enhanced dropbox uploader. Silverlight isn't installed on the test PC. See example log

depps · ‎08-07-2014

I have an issue with our fw blocking windows update on PC's despite having the ms-update application added to the Allowed_Downloads policy which is above the Web_Access policy. In the logs I see the wuredist.cab being blocked which is a component of ms-update. This is blocked via the usual Web_Access policy that blocks cab's, exe's.

depps · ‎08-07-2014

I've noticed that when using the dropbox basic uploader the filenames are logged under data filtering correctly however when you drag and drop files into dropbox the filename is recorded as "chunked_upload". Is there a way to figure out the actual file name or enforce the basic uploader? It's nice to be able to see the actual file names of uploaded documents.

depps · ‎04-28-2014

Any update on this? Anyone had any luck? I'd love to block conduit toolbars.

depps · ‎02-25-2014

We've had PAN kit for the best part of a year and use it for SSL decryption among other things. The SSL certs were generated via a CA on our domain. IE, and Chrome work transparently, firefox used to. I know get a "This Connection is Untrusted" page in firefox. www.facebook.com uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. (Error code: sec_error_unknown_issuer) It seems that firefox isnt recognizing our CA for some reason. Hopefully someone else has seen this behavior.

depps · ‎09-23-2013

Those links dont say how to enable both decryption of dropbox web traffic but also still keep the application working for certain users. It appears its not possible as dropbox web and app appear as the same application. Is it possible to create an decryption rule that excludes dropbox decryption for only 2 users thus allowing a few important users access to both the web and desktop app?

depps · ‎09-20-2013

Hello, We have a requirement to do the following Block dropbox for some users Allow dropbox web for some users but block app - use ssl decryption to control uploads Allow ALL for 2 VIP's - no decryption required Is this at all possible?

Member Since	‎06-10-2013 04:26 AM
Date Last Visited	‎01-08-2021 09:27 AM
Posts	10
Total Likes Received	5

Online Status	Offline
Date Last Visited	‎01-08-2021 09:27 AM

About depps

Re: Syslog listener to python script possible??????

Re: filter based on age

filter based on age

Re: Dropbox Uploaders

Windows Update Issue

Firefox SSL decryption issue

Re: Dropbox Uploaders

Re: Block - Ask toolbar

Re: Syslog listener to python script possible??????

Re: filter based on age

filter based on age

Re: Dropbox Uploaders

Windows Update Issue

Dropbox Uploaders

Re: Block - Ask toolbar

Firefox SSL decryption issue

Re: Dropbox (again)

Dropbox (again)

Network Security

Cloud Security

Security Operations

About depps