Educause Security Discussion mailing list archives

Re: Identify Finder


From: Nick Silkey <silkey () ECE UTEXAS EDU>
Date: Thu, 28 Feb 2008 06:45:07 -0600

McNeil, Sharon McLawhorn wrote:
Does anyone have experience with the scanning tool "Identify Finder"?
We're looking for a tool to assist us in discovering sensitive data such
as SSN's, credit card numbers, etc.

Assuming you have file-level access to a datapool you want sanitized of
all SSN|CC data, why not try some open-source tools like SENF[1] or
Spider[2]?

SENF was written in-house by the ISO at The University of Texas at
Austin.  It's Java, so it's multi-platform assuming you have a JRE
installed on your Windows|Mac|Linux host.  It's also actively developed,
and the maintainers are responsive to bugs and RFEs.  SENF used to be
very chatty with false-positives, but the developers included flags to
skip various binaries (i.e. multimedia) that led to FPs.

Spider was written by Cornell.  It's Perl, so it's also multi-platform
assuming you have a fairly-recent interpreter installed.  Coupled with
the Helix LiveCD, it's a disposable out-of-the-box solution.  A cool
feature that I have yet to use is Spider can establish a server-client
relationship for encrypted-reporting-to-the-mothership of scan results.

I believe users are free to amend the included regexes to accommodate your
environment, but they're pretty well-written as of now.

Best of luck ...

[1]: https://source.its.utexas.edu/groups/its-iso/projects/senf/

[2]: http://www.cit.cornell.edu/security/tools/

--
Nick Silkey | silkey () ece utexas edu
Senior Operating Systems Specialist
Electrical & Computer Engineering
The University of Texas at Austin
ENS 340 | 512.475.8284 | 0x35EB31E2
