Re: Scanner for sensitive information

[Wyman Miles <wm63 () CORNELL EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Coming late to the party owing to an e-mail outage.

Spider3 will scan HTTP/HTTPS sites using arbitrary credentials, process
whatever file types it finds there, etc.  IdentityFinder has the same
capabilities.



- --On Monday, June 16, 2008 11:53 AM -0400 "Watson, Michael"
<michael.watson () VITA VIRGINIA GOV> wrote:

> Does anyone have one that will do online sites?  I'm fairly certain
> these could be modified to do so but if someone already has it why
> duplicate work!  Thanks in advance!
>
>
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Randy Marchany
> Sent: Monday, June 16, 2008 11:36 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Scanner for sensitive information
>
> The 3 best (in no particular order) freeware sensitive number scan tools
> are:
>
> 1. VA Tech's Find_SSNs available from http://security.vt.edu. Hey, I'm
> from VT
> so of course, I'll put ours first :-).
> 2. Cornell's Spider Tool available from
> http://www.cit.cornell.edu/security/too
> ls
> 3. UT-Austin's Sensitive Number Finder Tool (SENF) available from
> https://source.its.utexas.edu/groups/its-iso/projects/senf
>
> Some of the Virginia schools including VT are also using a commercial
> tool,
> IdentityFinder from www.identityfinder.com. It is able to check .pst
> files and
> PDFs for sensitive info.
>
>       -Randy Marchany
>       VA Tech IT Security Office & Lab



Wyman Miles
Manager, Security Engineering
Cornell University, Ithaca, NY
(607) 255-8421
-----BEGIN PGP SIGNATURE-----
Version: Mulberry PGP Plugin v3.0
Comment: processed by Mulberry PGP Plugin

iQA/AwUBSFk3c8RE6QfTb3V0EQJw6gCfbd//qoCsYvEY2qIgi2TRxkeQd3UAni9S
RxwninNVZXxF8k8zjev5kY79
=kdWy
-----END PGP SIGNATURE-----