× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. February 2008

Re: Sensitive Report Field "Mining" Tools

I have put together a outq spool file scanning tool. It will scan all
spoolfiles in an outq, searching for a string.

Maybe that would help you out.

look for it here: http://home.columbus.rr.com/jbmmdietz/scansplf.html

Bryan


On Feb 19, 2008 11:36 AM, Steven Martinson <smart-consultant@xxxxxxxxxxxxx>
wrote:

Are there any "freeware" tools out there that can aid in locating
instances within existing spool files where sensitive data may be exposed,
such as credit card numbers (regardless of the amount of masking done to the
16 digits), social security numbers, customer account numbers, pay rates,
etc.?

We (my current client) recently went through the process of obtaining
approval for the removal of *SPLFDTA from QAUDLVL (it is a heavy hitter to
the security journal receivers, after all) only to find that there are a few
reports that a developer is aware of that show SS numbers and pay rates in
the clear that probably should be monitored! We could always go the route
of securing the output queues with authorization lists and whittling down
our *SPLCTL special authority users as much as possible and then monitor
those that remain more closely as a mitigating control, but I think all
involved would rather know precisely where the sensitive data is exposed in
the report generation and distribution process and fix (change) how it's
handled. In fact, PCI compliance practically demands it.

I know of third-party tools like BCD's Catapult, that provides "the
ability to automatically create unlimited search indexes based on content in
the document such as PO number," but I'm sure that is based upon the fact
that you know which fields are present in the documents being searched. It
would take a LONG time to go through all of the output queues and their
spool files manually in an attempt to find the sensitive fields...

Any experience with this kind of thing or ideas?

Best regards,

Steven W. Martinson, CISA, CISM, CISSP
Security Consultant
Cypress, Texas

Smart-Consultant@xxxxxxxxxxxxx
Mobile: 713.277.5845
Fax: 281.758.2429
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.





As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.