Topics Map > IT Services > IT Security

Identity Finder - Identities and Locations

This page is going to explain what the identities and Locations tabs of Identity Finder do, and how to use them to customize your scan.

Identities

These are the many different types of PII that Identity Finder can search for. There are many types of PII, but Social Security Numbers, Driver's Licenses, Bank Account Numbers, and Passport Numbers are turned on by default and cannot be turned off because Academic Computing has decided that these types of PII are the most important to secure. If you would like to be more thorough, then you may scan for additional types of PII. Located below, there is a list of short descriptions of each PII type followed by a picture of the Identity Finder Identities tab.

  • Password Entries - Anyfind will find series of characters that represent Password Entries, this includes any passwords that are found inside the browser data that is saved for the 'autocomplete' form and any string that follows permutations of the word 'password.'
  • Bank Account Numbers - Expands identity finder search to look for string of numbers that match bank account number patterns.
  • Dates of Birth - Expands identity finder search to look for strings of numbers and letters that correspond to dates. This is in the format of MM/DD/YYYY.
  • Phone Numbers - Expands identity finder search to look for strings of number that correspond to phone numbers. IDF will search for formats in either (###) ### - #### or ### - ### - ####.
  • E-Mail Addresses - Expands identity finder search to look for strings of letters that correspond to email addresses.
  • Personal Addresses - Expands identity finder search to look for strings of letters that correspond to personal home addresses. IDF will search for addresses in the example format. Ex: 469 Despard Street; Decatur, GA 30030.
  • Health Info - Expands identity finder search to look for any data that might be health information. In AnyFind you can change the parameters to search for medical record numbers, as well as National Provider Numbers (NPIs).
  • Worldwide - This will allow the user to search for additional identities using patterns for PINs from other countries. These countries include: The United Kingdom, Australia, and Canada.



 

Locations

  • Locations are where, in or out of your computer, that Identity Finder will search. 
  • Locations can be of the following areas:
    • The computer's local hard drive(which is set by default to always be searched)
    • The computer's registry files and browser data. 
  • While searching locations, ‘Files,’ ‘E-mails,’ ‘My Computer,’ and ‘Email Attachments’ will be selected by default. 
    • ‘E-Mail Attachments’ and the ‘E-Mails’ setting may be deselected though. 
  • You should select areas to be searched based on whether or not you think that particular location holds any sensitive information. Below, we will go through each location.

 

Files location - This location is your hard drive and identity finder will search this location any time a search is run. Files include all files on your computer that can be read by Identity Finder. Identity Finder can search more than 200 of the most common file types using its built-in filters and a built-in feature of Microsoft Windows, available since Windows 2000 called IFilters. For these filterable file types, Identity Finder can search the file while preserving the format and structure of the file.

E-Mails location - This setting will search for identities within email messages. E-Mails include all E-Mail messages on your computer and their attachment files, that can be read by Identity Finder. Identity Finder can read from several E-Mail programs including:

  • Microsoft Outlook
  • Outlook Express/Windows Mail (This does not include Windows Live Mail)
  • Mozilla Thunderbird
  • MBOX formatted mail files

For Microsoft Outlook, Identity Finder will also automatically search Contacts, Calendar Entries, and Tasks, but you may disable the searching of these items by de-selecting their folders in the E-Mail Settings. Note that Identity Finder cannot search E-Mail that is not stored on your computer, if you use a web browser to access your email.

 

 

Browser locations - This setting will enable identity finder to search for identity information inside of your browser’s hidden data fields, such as password and autocomplete forms. Searching within Browsers (web browsers such as Internet Explorer and Firefox) is a very powerful feature because it will search one of your most commonly used applications for personally identifiable information. Your web browser may automatically, and without your knowledge, save your passwords and form data (sometimes referred to as AutoComplete data) when you interact online. This information commonly contains credit card information or a password to a merchant. Identity Finder can uncover this information and secure or shred it. You can enable searching of Web Browsers by clicking the Browsers button on the Locations ribbon. When enabled, the button will be highlighted orange.
The following browsers can be searched:

  • Microsoft Internet Explorer 5 and later
  • Mozilla FireFox 2 and later

 

 

Registry - The Search the Following Registry Keys setting will give you the option to let Identity Finder search only common Windows Registry Keys, or all Windows Registry Keys:

  • Only Common Registry Keys: Only search the sections of the Registry typically used by software applications.
  • All Registry Keys: Search all Registry keys that might contain personal information.

 

Websites - The Include Web Pages in Website Search setting allows Identity Finder to search website pages such as htm, html, asp, aspx, etc.
The ‘Search Webfiles’ includes file formats such as: doc, xls, pdf, etc.

The Use the Following Behavior for External Links setting allows Identity Finder to search externally linked pages and files.
There are three options:

  • Ignore External Links: Only search website pages for the domain name you specify (i.e., search identityfinder.com but do not follow links to velosecure.com).
  • Search Externally Linked Files but do not Follow External Page Links: Only search website pages for the domain name you specify (i.e., search identityfinder.com but do not follow links to pages on velosecure.com), but search any files linked to external sites (i.e., search files on velosecure.com).
  • Follow External Links: Search any page or file that is linked to from the site you chose to search regardless of whether it is the same domain.
  • Restrict Links to Specified URLS in Website Address List: Identity Finder will only follow links whose URLs are specified in the Website list. 
    • If http://www.mywebsite.com/documents was specified, and that contained a link to www.mywebsite.com/personal, that link would not be followed. However, a link to www.mywebsite.com/documents/2012 would be followed.


  • Restrict the Link Depth to Follow to: allows you to restrict the number of pages deep that Identity Finder will search when crawling web pages. 
    •  You may set this to as many pages deep as you prefer. 
    •  To search an unlimited depth, uncheck the box. 
    •  To restrict the depth, check the box and specify how deep you would like Identity Finder to search.

The Use This Redirect Policy setting allows you to specify the redirect policy to use when crawling web pages:

  • None: No redirection will occur. If the web page being searched is redirected to another page, Identity Finder will not follow the redirect.
  • Basic: Only basic redirection is allowed. Identity Finder will follow a redirect as long as it is on the same domain and not being redirected from HTTPS to HTTP.
  • HTTPS to HTTP: Allows redirection from a secure page to a non-secure page.
  • External: Allows redirection to a web page on a different domain.
  • All but External: All redirection is allowed except for External. Any redirection to a different domain will not be followed.
  • All: Identity Finder will follow all redirects.

The Website address list includes a list of URLs to crawl for sensitive data. To enter website addresses, simply type the location in the Website Address field then click the Add button. If you type a single word such as identityfinder, then "http://www." will be prepended and ".com" will be appended for your convenience. It is also possible to Specify Credentials for a Website that requires a username and password. There is no limit to how many websites you can search.

The Supply Credentials setting allows you to search a website that requires a username and password. To have Identity Finder authenticate, click the Supply Credentials checkbox and enter a Username and Password. Then click the Add button for that website. If you want to hide or mask the passwords you enter, click the Mask button. To reveal the passwords again, click the Unmask button.

 

Database Search

  • This will search any Database that you draw a connection to. 
  • To add a Database Connection:
    •  Click the browse button (the ... button next to the Database Connection field). 
    •  Choose an OLE DB Provider from the Data Lin Properties dialog. 
    •  Select the appropriate provider like Microsoft OLE DB Provider for SQL Server, then click Next.
    • Now you will see the Connection tab. 
      • For SQL Server you will see the below. 
    • In field #1, enter the server name
    • In field #2 enter your credentials
      • If you are logged into Windows with the appropriate credentials, choose the Use Windows NT Integrated Security option, otherwise Use a specific user name and password. 
    • In field #3, select the database
      • If you use the drop down, you will see a list of available databases. 
    • Press Test Connection
      • If successful, press OK and you will be taken back to the Identity Finder dialog for Database Connections.
    • Press Add.




Compressed Files Search

  • Allows you to determine whether or not compressed files are searched and if so, what compressed file extensions are allowed to be searched.
  • By default this is active and all file extensions are selected. 
  • Identity Finder will search compressed files along with all extension types.

My Computer

  • Specifies that Identity Finder will search all drives (removable and local) on your computer. 
  •  This option will be selected by default.

Compressed Files Search

  • This setting will allow you to determine whether or not compressed files are searched and if so, what compressed file extensions are allowed to be searched. 
  • You can enable searching of Compressed Files by clicking the Compressed Files button on the Locations ribbon. 
  •  Compressed files are archives that contain additional files. 
  •  Identity Finder will search for compressed files in the File Location you specify. 
  • By default this is active and all file extensions are selected. So Identity Finder will search compressed files along with all extension types.

E - Mail Attachments

  • You can enable searching of Attachments by clicking the E-Mail Attachments button on the Locations ribbon. 
  • Identity Finder will search inside attachments, if a message contains any.
  • By default attachments that contain compressed files will not be searched unless you also select the Compressed Files option.

 Back to Advanced Search




Keywords:Identity Finder Identities and Locations   Doc ID:53912
Owner:Richard M.Group:UW Oshkosh
Created:2015-07-14 13:21 CDTUpdated:2016-12-29 11:46 CDT
Sites:UW Oshkosh
Feedback:  0   0