[SOLVED] DLP Blocking some packages from Ubuntu repositories

Forum|Forum|11 years ago
March 5, 2015
1 reply
12423 views

http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.5/mysql-common_5.5.41-0ubuntu0.14.04.1_all.deb

http://br.archive.ubuntu....sl-cert_1.0.33_all.deb

Can't download from either links, as I get the message "The transfer attempted appeared to contain a data leak!".

I can download other files/packages from the same repositories.

How can I make my server bypass this restriction, or put these URLs in a white list?

FortiGate 90D v5.0,build3608

Thank you

EDIT: just updating this thread, I found out what was causing the block. My DLP rules were blocking ".cnf" files, and inside some DEB files this file is present. I didn't know, but FortiGate scans inside the file before downloading it. After removing the ".cnf" rule in DLP, the files were downloaded successfully.

Iescudero

New Member

Hi!

just create a new policy upper that policy with dlp applied, with the source address is your linux server and try again.

Bye!

vgattiAuthor

New Member

escudero wrote:
just create a new policy upper that policy with dlp applied, with the source address is your linux server and try again.

Thanks for your quick reply!

However, by doing that I'll be making my Linux Server open to the whole internet, right? Isn't there any way to create an exception inside DLP?

Iescudero

New Member

You can solve this, adding destination fqn address security.ubuntu.com and br.archive.ubuntu both with port 80 (http service) and thats it!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded