You are not logged in.
- Topics: Active | Unanswered
#1 2018-04-13 21:29:11
- stefano
- Member
- Registered: 2011-04-09
- Posts: 269
Tools for "Sensitive Information Scanning" ?
I am the system administrator of a Linux system owned by the University I work for (my desktop workstation, in fact), and they are asking me to carry out
a scan for sensitive information (SSN, etc) to get into compliance with university's and state's policies.
They have no clue about Linux systems and directed me to a tool called Identity Finder which is neither free nor available for Linux (Windows only, in fact).
While looking for alternatives, I found several references to a free multi-platform tool called "Spider" written by the Security Lab at Cornell U. However, all links to it on Cornell's server seems to be dead.
Does anyone know if there is a similar tool available, preferably in the repos?
Cheers,
S.
Offline
#2 2018-04-13 22:48:29
- Trilby
- Inspector Parrot
- Registered: 2011-11-29
- Posts: 30,332
- Website
Re: Tools for "Sensitive Information Scanning" ?
Just encrypt your disk/data and move on. No such tool would be any good - your university's security policies sound about as brain dead as mine. What exactly could a tool possibly scan for that would differentiate a SSN from any other bit of data? Nothing.
But if you must comply with a completely asinine policy, just set a systemd timer to run something like the following:
grep -rl '[0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]' /* > /var/log/OhDearGod_NineDigitsExist_HereLast edited by Trilby (2018-04-13 22:54:45)
"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman
Offline
#3 2018-04-13 23:17:57
- stefano
- Member
- Registered: 2011-04-09
- Posts: 269
Re: Tools for "Sensitive Information Scanning" ?
Just encrypt your disk/data and move on. No such tool would be any good - your university's security policies sound about as brain dead as mine. What exactly could a tool possibly scan for that would differentiate a SSN from any other bit of data? Nothing.
But if you must comply with a completely asinine policy, just set a systemd timer to run something like the following:
grep -rl '[0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]' /* > /var/log/OhDearGod_NineDigitsExist_Here
Well yes, I agree the policy is brain dead, but I doubt my administrators, as silly as they are, are dumb enough to fall for the grep trick you posted....
I will probably encrypt my document folder and be done with it. Even though I really don't like the idea
Offline
#4 2018-04-13 23:48:24
- progandy
- Member
- Registered: 2012-05-17
- Posts: 5,280
Re: Tools for "Sensitive Information Scanning" ?
Identity Finder (or spirion) seems to be available for linux as well: https://support.spirion.com/hc/en-us/ar … ease-Notes
Ugh. I wonder what data that tool reports to the policy owner... So that makes them "trust" you, but what makes you trust them with your data?
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Online