IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Using Snort to find creditcard data?

From: Jason <security () brvenik com>
Date: Thu, 27 Sep 2007 19:43:12 -0400
It is absolutely possible for common representations and protocols. I
would suggest a dedicated rules set to be maximally effective. You will
want to use a series of rules for valid prefix numbers qualified with a
PCRE.

A candidate for the PCRE might be here

http://dotnetslackers.com/Regex/re-7525_Regex_Credit_Card_Validation_Matches_Switch_Solo_Visa_MasterCard_and_Discover_in_4_4_4_4_4_4.aspx

google can point you towards all of the relevant data.

jerikl75 () gmail com wrote:

Would it be possible to write a Snort rule that triggers on possible
creditcard numbers and how would it look like?

PCI standars says that all creditcard data should be encrypted, It
woild be nice to verify that no card data shows up where it
shouldn't...

------------------------------------------------------------------------
 Test Your IDS

Is your IDS deployed correctly? Find out quickly and easily by
testing it with real-world attacks from CORE IMPACT. Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
 to learn more. 
------------------------------------------------------------------------





------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: