I`m my organization we allow dropbox for users.
We using MacAfee web gateway7.3 as transparent proxy
We also have a global media type filtering that block executable files.
I notice that users can upload and download executables file from dropbox.
In the rule tracing central I can see that the mwg recognize this files as application/x-empty and because that it's allow all file types include some virus and malware.
Thisis a big problem!
when i block the application/x-empty in the global media type filtering , the mwg block all files in dropbox.
How can I create a rule that block this files and allow only approved file types inthe dropbox application?
You are most likley looking at the wrong trace file. The site is HTTPS so you may have a second trace file that you need to look at.
OR if you dont have SSL scanning on, then you will not be privvy to the media type within the SSL tunnel.
Take a screenshot of the "Top properties" tab, if that says the command name is CONNECT, then this is just the SSL tunnel, not the actual HTTP traffic.
I gave a big long response to something similar in this post:
Thank you for your answer,
I have exclude the drop box appfrom ssl scanning because of problem with the application in transparent proxy.
Later today I will return thessl scanning for the drop box and I will check if I can see the real file type.