|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Siim Põder (siim
p6drad-teel.net)
Date: Wed Oct 10 2007 - 03:41:17 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Yo
jerikl75gmail.com wrote:
> Would it be possible to write a Snort rule that triggers on possible
> creditcard numbers and how would it look like? PCI standars says that
> all creditcard data should be encrypted, It woild be nice to verify
> that no card data shows up where it shouldn't...
I wrote a dynamic rule for this. It does the Luhn check (as i understood
it) and prefix/length verification. It's a quick implementation and
probably uses a tad too much of CPU time, but seems to work. Any
suggestions/improvements are welcome.
http://p6drad-teel.net/~windo/jama/creditcard_number.c
add it to so_rules and add "creditcard" to
libs :=
section in the Makefile
Siim
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]