Educause Security Discussion mailing list archives
Re: Software that scans for SSN
From: Jeff Kell <jeff-kell () UTC EDU>
Date: Tue, 27 Sep 2005 22:30:59 -0400
Lee Weers wrote:
After thinking on this further, I have submitted a plug in request to Packeteer to look for SSN and credit card numbers so that the packets can be discarded at the packetshaper. I would think they should be able to do this with their deep level of packet inspection they always state. I also suggested a discard only rule so to not allow the harvesting of the information.
Umm... take a shot at cobbling together a few snort signatures to look for SSN or credit card patterns and throw traffic at it for an hour or two. You'll be overwhelmed with false positives. If you are running a personal firewall and want to look for *specific* SSNs or credit cards (yours or your families) that's a much more feasible possibility, and indeed an option in some packages. In fact, there are a few snort rules for SSNs/CCs; check the rulesets at bleedingsnort.com, specifically bleeding-policy.rules, sids 2001375-2001383. Jeff
Current thread:
- Software that scans for SSN Leila Lyons (Sep 27)
- <Possible follow-ups>
- Re: Software that scans for SSN Gary Golomb (Sep 27)
- Re: Software that scans for SSN Ramon Hermida (Sep 27)
- Re: Software that scans for SSN Lee Weers (Sep 27)
- Re: Software that scans for SSN Lee Weers (Sep 27)
- Re: Software that scans for SSN Jeff Kell (Sep 27)
- Re: Software that scans for SSN Gary Golomb (Sep 28)
- Re: Software that scans for SSN Ramon Hermida (Sep 28)
- Re: Software that scans for SSN Cam Beasley, ISO (Sep 28)
- Re: Software that scans for SSN Graham Toal (Sep 28)