[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Snort Signature to detect credit cards
- To: "Randal T. Rioux" <randy@xxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Snort Signature to detect credit cards
- From: Siim Põder <siim@xxxxxxxxxxxxxxx>
- Date: Fri, 09 May 2008 11:38:47 +0300
Randal T. Rioux wrote:
> FYI - http://www.emergingthreats.net
>
> This was discussed on the snort-sigs mailing list back in 2003. Check out
> http://marc.info/?l=snort-sigs&m=106601612825950&w=2
>
> Also, as Ray mentioned, the Emerging Threats emerging-policy.rules
> contains some PCRE CC# checks. This will show you some:
I wrote a dynamic plugin for detecting CC numbers (requires snort 2.6+):
http://p6drad-teel.net/~windo/release/creditcard.tar.gz
It checks prefixes (visa/amex/etc), number length and the luhn code (the
last digit) + allows arbitrary grouping by dashes and/or spaces.
Siim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/