Difference between revisions of "How to install ccsrch on Centos 6"

From Brian Nelson Ramblings
Jump to: navigation, search
(Install Dependencies for Making ccsrch)
(Check for Credit Card information in your html directory)
 
Line 70: Line 70:
 
===Check for Credit Card information in your html directory===
 
===Check for Credit Card information in your html directory===
  
  ccsrch -o /tmp/ccsrch.log /var/www/
+
  ccsrch -o /tmp/ccsrch.log /var/www/html/
  
 
==Creating a Cron to Email Results nightly==
 
==Creating a Cron to Email Results nightly==

Latest revision as of 17:39, 6 August 2015

How to install ccsrch on Centos6

CCSRCH is a cross-platform tool for searching filesystems for credit card information.

ccsrch is a tool that searches for and identifies unencrypted and contiguous credit card numbers (PAN) and track data on windows and UNIX operating systems. It will also identify the location of the PAN data in the files and record MAC times.

As part of the eCommerce world you will want to make sure that no credit card information is being stored on your server.

Install Dependencies for Making ccsrch

When installing ccsrch I found that I needed to install gcc, mailx and glibc-static

yum install gcc glibc-static mailx

Download and Install ccsrch

You can download the file http://sourceforge.net/projects/ccsrch/, I have downloaded a copy to the site

cd /tmp/
wget http://briansnelson.com/stuff/ccsrch-1.0.3.tgz
tar -xzvf ccsrch-*
cd ccsrch-*
make all

Then copy it over to your bin directory

cp ccsrch /bin/

ccsrch Usage

Using CCSRCH

Usage: ./ccsrch <options> <start path>
 where <options> are:
   -b             Add the byte offset into the file of the number
   -e             Include the Modify Access and Create times in terms
                  of seconds since the epoch
   -f             Just output the filename with potential PAN data
   -j             Include the Modify Access and Create times in terms
                  of normal date/time
   -o <filename>  Output the data to the file <filename> vs. standard out
   -t <1 or 2>    Check if the pattern follows either a Track 1
                  or 2 format
   -T             Check for both Track 1 and Track 2 patterns
   -c             Show a count of hits per file (only when using -o)
   -s             Show live status information (only when using -o)
   -l N           Limits the number of results from a single file before going
                  on to the next file.
   -n <list>      File extensions to exclude (i.e .dll,.exe)
   -m             Mask the PAN number.
   -h             Usage information

Examples:

Generic search for credit card data starting in current directory with output to screen:

ccsrch ./

Generic search for credit card data starting in c:\storage with output to mycard.log:

ccsrch -o mycard.log c:\storage

Search for credit card data and check for Track 2 data formats with output to screen:

ccsrch -t 2 ./

Search for credit card data and check for Track 2 data formats with output to file c.log:

ccsrch -t 2 -o c.log ./

Check for Credit Card information in your html directory

ccsrch -o /tmp/ccsrch.log /var/www/html/

Creating a Cron to Email Results nightly

Create a bash script to put into your cron like

#!/bin/bash

## Run Clamav on Specific Dir
/bin/ccsrch -o /tmp/ccsrch.log /var/www/html/ >/dev/null 2>/dev/null 

##Send Report
SUBJECT="CCSRCH Report for `uname -n`, `date +%m-%d-%Y`" 

/bin/mail -s "$SUBJECT" '[email protected]' < /tmp/ccsrch.log 

## archive results 

/bin/mv /tmp/ccsrch.log /tmp/ccsrch-`date +%m-%d-%Y`.log

Setup the Nightly Cron

crontab -e

add the following

00 00 * * * /path/to/script/cron-ccsrch.script