Just a quick post to list some helpful tools for detecting cardholder data on your systems, or tools to set up as ongoing controls to monitor for cardholder data.
ccsrch is a tool that searches for and identifies unencrypted and contiguous credit card numbers (PAN) and track data on Windows and UNIX operating systems. It will also identify the location of the PAN data in the files and record MAC times.
Senf is a fast, portable tool (written in Java, runnable just about everywhere) for finding sensitive numbers. Use this tool to identify files on your system that may have Social Security Numbers (SSNs) or Credit Card Numbers (CCNs).
Spider’s purpose is to identify files that may contain confidential data. It scans a collection of files, searching for patterns of numbers or letters that resemble Social Security numbers or credit card numbers (additional search patterns can be created using Unix regular expressions).
5) Snort – Threat Snort rules (see BLEEDING-EDGE Credit Card Number Detected and ET POLICY Credit Card Number Detected in Clear). You might be using Snort as an IDS – or using a product or appliance that uses it as its engine. This tool is also very handy to check for email that contains CC data as well. (EDIT: Bob writes to say that Emerging Threats has replaced the Bleeding Edge project, as it died. Thanks!)
using the parameter Strings -n min-len
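The file scanners listed above look for contiguous card numbers and report where in a file they sit. The following is an added example, not code from this post or from any of these tools, that does the same over a constructed byte string. The Luhn check-digit filter, the 13 to 19 digit length range, and the masked output are assumptions of this example, not documented behaviour of ccsrch, Senf or Spider.

```python
import re

# Runs of 13-19 digits with no digit directly before or after (contiguous PAN candidates).
CANDIDATE = re.compile(rb"(?<!\d)\d{13,19}(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn check-digit test."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(pan: str) -> str:
    """Keep the first six and last four digits so the report holds no full PAN."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def find_pans(data: bytes):
    """Return (byte_offset, masked_pan) for each Luhn-valid contiguous digit run."""
    hits = []
    for m in CANDIDATE.finditer(data):
        pan = m.group().decode("ascii")
        # All-same-digit runs (0000...) pass Luhn but are filler, so skip them.
        if len(set(pan)) > 1 and luhn_ok(pan):
            hits.append((m.start(), mask(pan)))
    return hits


# Constructed sample input. 4111111111111111 is a widely used test number, not a live card.
SAMPLE = (
    b"order=1001 card=4111111111111111 exp=12/30\n"
    b"tracking=1234567890123456\n"  # 16 digits, fails Luhn
    b"ref=0000000000000000\n"       # passes Luhn, filtered as filler
)

if __name__ == "__main__":
    for offset, masked in find_pans(SAMPLE):
        print(f"offset {offset}: {masked}")
```

Without the Luhn filter, every 16-digit tracking or reference number in the sample would be reported, which is the main source of noise when scanning large file sets.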
Let me know of others that are useful.