Educause Security Discussion mailing list archives
Re:
From: Brad Judy <Brad.Judy () COLORADO EDU>
Date: Tue, 18 Dec 2007 13:43:26 -0700
I haven't read this whole thread (catching up at the moment), but there are a couple of options that meet your requirements. One is SENF from U Texas, which is Java based (requires 1.5 or later). Another is Find_SSN and Find_CCN from VT, which are python based and require either python environments or must be compiled into stand-alone executables (they provide a pre-compiled Windows exe). Yet another is to use a basic grep/regex combination, but this leaves you with little to no file interpretation capability (for example, it won't unzip an Office 2007 file and look inside). These are the only stand-alone, multiplatform options I'm aware of for this purpose (despite the lack of a built-in grep in Windows, the Gnu-based native port is readily available and works well). Brad Judy IT Security Office University of Colorado at Boulder
-----Original Message----- From: Schneider, David A [mailto:schneida () KU EDU] Sent: Tuesday, December 18, 2007 12:55 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] The ideal (in my own opinion) tool would be one that doesn't need to be installed on a computer and can run on any platform (Linux, Windows etc.) Perhaps Java-based, therefore. Not many fit these requirements. Many require the installation of numerous DLLs or outside libraries and frameworks (.NET is one example). -D. David Schneider CISSP, CHFI IT Security Office The University of Kansas 1001 Sunnyside Avenue Lawrence Kansas 66045 -------------------------------- Phone: 785-864-0472 Email: schneida () ku edu -------------------------------- http://www.security.ku.edu http://www.besekure.ku.edu ******************************************** The information transmitted by the above email is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination, or other use of, or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability. If you received this communication in error, please contact us immediately at (785) 864-9003, and delete the communication from any computer or network system. ******************************************** -----Original Message----- From: Eric Case [mailto:ecase () EMAIL ARIZONA EDU] Sent: Tuesday, December 18, 2007 1:40 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] At 12:33 PM 12/18/2007 -0500, Hatala, Jeffrey wrote:a tool we use from Cornell University called "Spider" .Spider is a good but not what I think my end users can handle. Gary Golomb <gary () Proventsure com> posted "Early release - free commercial grade PII/NPI discovery software" back on 11/27. It's still beta but is something my users can handle. More information can be found here <http://www.proventsure.com/Proventsure%20Free%20PII%20Discove
ry%20Audit
%20and%20Management%20Application.html> and you can get it from here <http://www.proventsure.com/Proventsure%20Self%20PII%20Detection.zip>. -Eric Eric Case, CISSP <ecase () Arizona edu> Information Security Officer College of Engineering <http://www.Engr.Arizona.edu> 1127 E James E. Rogers Way Room 200 Tucson, AZ 85721-0020 Mobile Phone 520-275-6436
Current thread:
- Re: Brad Judy (Dec 18)