[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Would it be possible to write a Snort rule that triggers on possible > creditcard numbers and how would it look like? >
I'm pretty sure that it's possible, but what it would like is largely dependant on the applications which are sending the credit card data, as the payload of the packets will vary based how a given application sends the numbers. There's a handy list of test credit card numbers available at : https://www.paypal.com/en_US/vhelp/paypalmanager_help/credit_card_numbers.htm That may be helpful for developing your own ruleset for your particular apps; at the very least, it provides a concise list which can be used for pattern matching... -- Jason ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
