Full Disclosure mailing list archives
Re: Snort Signature to detect credit cards
From: Siim Põder <siim () p6drad-teel net>
Date: Fri, 09 May 2008 11:38:47 +0300
Randal T. Rioux wrote:
FYI - http://www.emergingthreats.net This was discussed on the snort-sigs mailing list back in 2003. Check out http://marc.info/?l=snort-sigs&m=106601612825950&w=2 Also, as Ray mentioned, the Emerging Threats emerging-policy.rules contains some PCRE CC# checks. This will show you some:
I wrote a dynamic plugin for detecting CC numbers (requires snort 2.6+): http://p6drad-teel.net/~windo/release/creditcard.tar.gz It checks prefixes (visa/amex/etc), number length and the luhn code (the last digit) + allows arbitrary grouping by dashes and/or spaces. Siim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Microsot DID DISCLOSE potential Backdoor, (continued)
- Re: Microsot DID DISCLOSE potential Backdoor J. Oquendo (May 07)
- Re: Microsot DID DISCLOSE potential Backdoor Paul Schmehl (May 08)
- Re: Microsot DID DISCLOSE potential Backdoor J. Oquendo (May 08)
- Snort Signature to detect credit cards wilder_jeff Wilder (May 08)
- Re: Snort Signature to detect credit cards Ivan . (May 08)
- Re: Snort Signature to detect credit cards Christopher Jacob (May 08)
- Re: Snort Signature to detect credit cards Ray P (May 08)
- Re: Snort Signature to detect credit cards Simon Smith (May 08)
- Re: Snort Signature to detect credit cards Randal T. Rioux (May 09)
- Re: Snort Signature to detect credit cards T Biehn (May 09)
- Re: Snort Signature to detect credit cards Siim Põder (May 09)
- Re: Snort Signature to detect credit cards poo (May 09)
- Re: Snort Signature to detect credit cards Ureleet (May 12)
- Re: Microsot DID DISCLOSE potential Backdoor Darth Jedi (May 08)
- Re: Microsot DID DISCLOSE potential Backdoor Paul Schmehl (May 08)
- Re: Microsot DID DISCLOSE potential Backdoor J. Oquendo (May 08)