Controlling and auditing SFTP file transfers
First Claim
1. A computer program product stored on a non-transitory computer-readable medium for controlling encrypted file transfers comprising instructions operable to cause a computer to:
perform a man-in-the-middle attack on an encrypted file transfer protocol connection going through the computer to obtain access to the plaintext of the encrypted file transfer protocol connection;
identify a file transfer attempt in the plaintext; and
determine whether to allow the file transfer attempt based on the name or content of the file.
Abstract
Encrypted SFTP file transfers and other encrypted file transfers may be audited, and which files may be transferred may be controlled, at a firewall or other gateway. Transferred files may be subjected to data loss prevention analysis and/or virus checks.
20 Claims
1. A computer program product stored on a non-transitory computer-readable medium for controlling encrypted file transfers comprising instructions operable to cause a computer to:
perform a man-in-the-middle attack on an encrypted file transfer protocol connection going through the computer to obtain access to the plaintext of the encrypted file transfer protocol connection;
identify a file transfer attempt in the plaintext; and
determine whether to allow the file transfer attempt based on the name or content of the file.
(Dependent claims: 2, 3, 4)
5. A method comprising:
performing a man-in-the-middle attack on an encrypted connection that is a Secure Shell (SSH) protocol connection going through a first network device to obtain decrypted content of the encrypted connection;
identifying a protocol request in the decrypted content as a request pertaining to a file; and
determining whether to allow the request.
(Dependent claims: 6, 7, 8, 9, 10, 11, 12)
13. An apparatus comprising:
at least one processor; and
at least one memory comprising program code configured to, with the at least one processor, cause the apparatus to:
perform a man-in-the-middle attack on an encrypted connection that is a Secure Shell (SSH) protocol connection going through a first network device to obtain decrypted content of the encrypted connection;
identify a protocol request in the decrypted content of the encrypted connection as a request pertaining to a file; and
determine whether to allow the request.
(Dependent claims: 14, 15, 16, 17, 18, 19, 20)
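The three independent claims describe the same pipeline: the gateway terminates the SSH connection on both sides so it holds the SFTP plaintext, picks out the protocol requests that pertain to a file, and allows or denies each one by filename or by content. The following is an added example written for this page, not code from the patent or from any product it covers; it assumes the decryption step has already happened and works only on the resulting SFTP byte stream (packet layout per draft-ietf-secsh-filexfer v3: uint32 length, byte type, uint32 request-id, then type-specific fields). The filename and content policies (`DENY_NAME`, `DENY_CONTENT`) and the sample session are constructed for illustration. The part a practitioner most often gets wrong is shown explicitly: SSH_FXP_WRITE carries a server-issued handle, not a filename, so the gateway must correlate the client's SSH_FXP_OPEN request-id with the server's SSH_FXP_HANDLE reply before it can attribute written content to a file.

```python
"""Filename/content policy over a decrypted SFTP session (added example).
Assumes the gateway has already performed the SSH man-in-the-middle step and
hands this code the plaintext of the SFTP subsystem channel in each direction."""
import re
import struct

SSH_FXP_OPEN, SSH_FXP_CLOSE, SSH_FXP_WRITE, SSH_FXP_HANDLE = 3, 4, 6, 102
SSH_FXF_WRITE = 0x00000002  # pflags bit: client opens the file for writing (upload)

# Hypothetical policy chosen for this example, not the patent's.
DENY_NAME = re.compile(r"(\.pem|\.key|id_rsa)$|passw(or)?d", re.I)
DENY_CONTENT = re.compile(rb"\b\d{3}-\d{2}-\d{4}\b")  # SSN-like pattern as a DLP stand-in


def _string(buf, off):
    """Read an SSH 'string' (uint32 length + bytes) at off; return (bytes, next offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n


def iter_packets(stream):
    """Split a decrypted SFTP byte stream into (type, request_id, body) tuples."""
    off = 0
    while off + 4 <= len(stream):
        (length,) = struct.unpack_from(">I", stream, off)
        pkt = stream[off + 4:off + 4 + length]
        if length < 5 or len(pkt) < length:
            break  # truncated packet; a real gateway would buffer and wait for more data
        (req_id,) = struct.unpack_from(">I", pkt, 1)
        yield pkt[0], req_id, pkt[5:]
        off += 4 + length


class SftpPolicy:
    """Tracks OPEN request-ids and server handles so WRITE data can be tied to a filename."""

    def __init__(self):
        self.pending = {}    # request_id -> filename awaiting the server's SSH_FXP_HANDLE
        self.handles = {}    # server handle -> filename
        self.decisions = []  # (action, filename, reason) audit trail

    def client_to_server(self, data):
        """Inspect client requests; return [(filename, reason)] for everything blocked."""
        blocked = []
        for ptype, req_id, body in iter_packets(data):
            if ptype == SSH_FXP_OPEN:
                name, off = _string(body, 0)
                (pflags,) = struct.unpack_from(">I", body, off)
                fname = name.decode("utf-8", "replace")
                if DENY_NAME.search(fname):
                    self.decisions.append(("deny", fname, "filename policy"))
                    blocked.append((fname, "filename policy"))
                    continue  # gateway would answer SSH_FXP_STATUS permission denied instead of forwarding
                self.pending[req_id] = fname
                self.decisions.append(("allow", fname, "upload" if pflags & SSH_FXF_WRITE else "download"))
            elif ptype == SSH_FXP_WRITE:
                handle, off = _string(body, 0)
                off += 8  # skip uint64 file offset
                chunk, _ = _string(body, off)
                fname = self.handles.get(handle, "<unknown handle>")
                if DENY_CONTENT.search(chunk):
                    self.decisions.append(("deny", fname, "content policy"))
                    blocked.append((fname, "content policy"))
            elif ptype == SSH_FXP_CLOSE:
                handle, _ = _string(body, 0)
                self.handles.pop(handle, None)
        return blocked

    def server_to_client(self, data):
        """Learn handle -> filename bindings from SSH_FXP_HANDLE replies."""
        for ptype, req_id, body in iter_packets(data):
            if ptype == SSH_FXP_HANDLE and req_id in self.pending:
                handle, _ = _string(body, 0)
                self.handles[handle] = self.pending.pop(req_id)


# --- constructed sample session (not captured traffic) ---
def _s(b):
    return struct.pack(">I", len(b)) + b


def _pkt(ptype, req_id, body):
    return _s(bytes([ptype]) + struct.pack(">I", req_id) + body)


def demo():
    gw = SftpPolicy()
    # client: OPEN report.csv for write (req 1) and id_rsa for write (req 2); ATTRS flags = 0
    c1 = _pkt(SSH_FXP_OPEN, 1, _s(b"report.csv") + struct.pack(">II", SSH_FXF_WRITE, 0))
    c2 = _pkt(SSH_FXP_OPEN, 2, _s(b"id_rsa") + struct.pack(">II", SSH_FXF_WRITE, 0))
    blocked = gw.client_to_server(c1 + c2)
    # server: HANDLE reply for req 1 only (req 2 was never forwarded)
    gw.server_to_client(_pkt(SSH_FXP_HANDLE, 1, _s(b"\x00\x01")))
    # client: two WRITEs on that handle; the second carries an SSN-like value
    w1 = _pkt(SSH_FXP_WRITE, 3, _s(b"\x00\x01") + struct.pack(">Q", 0) + _s(b"id,name\n1,alice\n"))
    w2 = _pkt(SSH_FXP_WRITE, 4, _s(b"\x00\x01") + struct.pack(">Q", 16) + _s(b"2,bob,123-45-6789\n"))
    blocked += gw.client_to_server(w1 + w2)
    return blocked, gw.decisions


if __name__ == "__main__":
    for line in demo()[1]:
        print(*line)
```

Two caveats a deployment would add on top of this: content checks must be applied to the whole file rather than per WRITE chunk (a pattern can straddle two writes, and archives or encrypted uploads need the file reassembled before scanning), and the decision to deny must be turned into a protocol-correct SSH_FXP_STATUS reply so the client sees a clean failure rather than a hung request.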