Main Nav

Like many schools, we have have purchased Identity Finder for MacOS and Windows use, but we’re starting to hit parts of campus with a higher percentage of Linux systems as we remediate. Thus…

 

What’s your take on Linux friendly sensitive number (SSN, credit card) search tools? We’ve previously looked at Spider and we’ve run SENF, but it’s time to see if there are better tools out there with lower false positive rates, the potential to report centrally, or other useful enterprise style features.

 

Thanks!

 

David

 

David Seidl

Director of Information Security

Office of Information Technologies

University of Notre Dame

Notre Dame, IN 46556

(574) 631-7305

dseidl@nd.edu

 

 

Comments

We’ve also purchased Identity Finder and for searching Linux machines, we have massaged a solution that works fairly well if the goal is a onetime cleanup and not recurring searches. We share the directory to be searched via Samba, mount the drive on a Windows machine that has Identity Finder installed, and then right-click search the drive (need to have the Explorer shell extensions enabled via policy).

 

The search will be a bit slower than running on a locally attached disk, but it will work and as long as the user account that mounted the share has the correct permissions, you will be able to Shred/Scrub/otherwise remediate within the Identity Finder client.

 

Hope that helps,

 

Dan Woodruff

University IT Security and Policy

University of Rochester

 

 

 

Message from marchany@candi2.cirt.vt.edu

On 07/24/2012 09:49 AM, David Seidl wrote: > Like many schools, we have have purchased Identity Finder for MacOS and Windows use, but we're starting to hit parts of campus with a higher percentage of Linux systems as we remediate. Thus... > > What's your take on Linux friendly sensitive number (SSN, credit card) search tools? We've previously looked at Spider and we've run SENF, but it's time to see if there are better tools out there with lower false positive rates, the potential to report centrally, or other useful enterprise style features. > > Thanks! > > David > > David Seidl > Director of Information Security > Office of Information Technologies > University of Notre Dame > Notre Dame, IN 46556 > (574) 631-7305 > dseidl@nd.edu > > > There's our Find_SSN tool that's available from http://security.vt.edu. Runs on all three platforms. -Randy Marchany VA Tech IT Security Office & Lab