Atown Inconsequential
Sometimes IT related sometimes just personal

Wednesday, February 07, 2007

Spammy Spam Spam

Last year the company Exchange server I manage almost crashed because spammers got a hold of it (BZ you should feel me here). Not just relaying spam, but a simultaneous DoS attack flooding the server with NDR messages. Yeah, I had to call in the big boys on that one (Microsoft). Anyway, the point is, after I stopped all relays (except me), cleaned up the messages, changed a password and finally got off all the blacklists, I was pretty peeved. It didn't help that in the following days coworkers began to complain of increased spam in their inboxes! We run GFI MailEssentials, which normally performs pretty well, but now it wasn't catching them.

Turns out the Bayesian filtering system that is its highlight was my downfall here. By default, outgoing messages are added to the legitimate database. This is because under normal conditions all of these messages would be sent by you. In this case, however, spammers sent thousands of messages which were added to the legitimate database, seriously lessening its ability to detect actual spam. Another side effect was that the whitelist, which also auto-adds the address of outgoing mail, had about 65,000 bogus entries.
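The poisoning effect described above, as an added example that is not part of the original post: a small word-level naive Bayes filter scores the same spam probe before and after relayed spam is auto-learned as legitimate mail. The classifier is a generic stand-in rather than GFI's algorithm, and every name and sample message is constructed for illustration.

```python
import math
from collections import Counter

class BayesFilter:  # generic word-level naive Bayes; a stand-in, not GFI's code
    def __init__(self):
        self.words = {"ham": Counter(), "spam": Counter()}
        self.msgs = {"ham": 0, "spam": 0}

    def train(self, label, text):
        self.words[label].update(text.lower().split())
        self.msgs[label] += 1

    def spam_probability(self, text):
        vocab = len(set(self.words["ham"]) | set(self.words["spam"]))
        total = sum(self.msgs.values())
        score = {}
        for label in ("ham", "spam"):
            n = sum(self.words[label].values())
            # Laplace-smoothed prior and word likelihoods, summed in log space
            s = math.log((self.msgs[label] + 1) / (total + 2))
            for w in text.lower().split():
                s += math.log((self.words[label][w] + 1) / (n + vocab))
            score[label] = s
        diff = max(-700.0, min(700.0, score["ham"] - score["spam"]))
        return 1.0 / (1.0 + math.exp(diff))

# Constructed sample corpora (not real mail)
HAM = ["meeting agenda for monday attached", "please review the patient records request",
       "invoice for the quarterly audit", "lunch schedule for the office"]
SPAM = ["cheap pills buy now", "win money now click here",
        "cheap watches click here", "buy pills win money"]
LEGIT_OUTGOING = ["records request received thank you", "invoice attached for review"]
RELAYED_SPAM = ["cheap pills click here now", "buy cheap watches now",
                "win money buy pills"] * 200
PROBE = "buy cheap pills now click here"

def build_filter(outgoing, learn_outgoing):
    f = BayesFilter()
    for label, corpus in (("ham", HAM), ("spam", SPAM)):
        for m in corpus:
            f.train(label, m)
    for m in (outgoing if learn_outgoing else []):  # outgoing mail learned as ham
        f.train("ham", m)
    return f

def demo():
    mail = LEGIT_OUTGOING + RELAYED_SPAM  # what the server sent during the relay abuse
    return (build_filter(LEGIT_OUTGOING, True).spam_probability(PROBE),  # normal
            build_filter(mail, True).spam_probability(PROBE),            # poisoned
            build_filter(mail, False).spam_probability(PROBE))           # auto-learn off

if __name__ == "__main__":
    print("normal %.4f  poisoned %.4f  auto-learn off %.4f" % demo())
```

Once the relayed messages are counted as legitimate, the spam vocabulary and the message prior both tilt toward "legitimate", which is why the learned database has to be purged or retrained after a relay incident rather than just closing the relay.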

Well, I got it all cleaned up and it runs better than ever now, but I'm still a little paranoid. The whole experience got me really focused on security. Since then I've made a lot of improvements at work and I've been spending a good bit of time at places like PhishTank trying to find a way to get one back at 'em. So much time I managed to make the top 10 list last month. I've got a page where I plan to put samples from work that range from "damn near perfect" to "why did they bother". It's interesting, at least I think so...


Saturday, February 03, 2007

Sharefile got dat fire

Last week I signed my company up for a Sharefile account, Enterprise plan, and let me tell you, it's awesome!

Why? Well, a little background first... The company I work for receives a large amount of sensitive material daily, mainly medical records. Up until now this has usually been via email, which causes all sorts of problems. Firstly, email is not encrypted, so any accidental recipient or interceptor of the message would have full access to the files. The second issue is size limits; medical records, often 100 pages or more, have to be sent in 5-6 messages just to be received. Third, and what I found to be my greatest issue, the storage problem! Files arrive via email and end up being forwarded around the office in addition to being saved on a fileserver. We would easily end up with 4-5 copies of the same file. These files pile up in an Inbox; one dept, and this is no lie, was 11GB! Anybody backing up mailbox folders on Exchange knows just how painful that process can be. (Yes, I know about the new Veritas but we can't swing for it just yet.) All that plus the dailies add up to hella space!

Sharefile addressed all three of these issues for me. Files are first uploaded to a Sharefile server, then we receive notification that a file is available, including a link; it's that simple. You can send files in the very same manner as well as request files, complete with a link to an upload site. One of the more advanced features is the ability to add clients with unique logins and assign them rights to individual file folders. This way clients logging in can only see and do what you want them to. All of this is encrypted and the admin functions allow you to set up users, assign quotas, check usage, etc. As for storage, it's their server, so we can download a copy straight to our file server and all that goes to the inbox is the notification.

There are a bunch of similar products out there and I've tried a good number of them. We actually used Sendthisfile... still kinda do, easy to use and economical. In the end though, it couldn't meet our needs. Pipeline eXchange is a very high quality product, however, geared more towards larger companies. The pricing is a little out of our reach and the bandwidth allotment was weak. Enterprise plans start with 1GB, with each additional costing around 20 dollars. It kinda hurt because we liked it so much, but when I saw Sharefile I was hooked.

We have used it for a week now and it is great. Today an employee that happened to be in New York needed some software and wanted it overnighted to him. That means burning a copy and paying a shipping cost over a hundred dollars. So Mike, the other IT guy at my company, zips the setup files and key and uploads it to the Sharefile server, takes about 15 mins and then maybe 10 mins to download it in New York, and voilà. You know, 25 min for a 300MB file sent securely ain't bad at all.
