Using Senf! for Discovering SSNs

Download Senf! Here

• Senf! created by the University of Texas (UGA custom build)
• Senf! Frequently Asked Questions

Senf requires Java. If you experience any errors while trying to run Senf, make sure you are using the latest vesion of Java. OS X users should check Software Update and make sure they are running version 1.6 or later.

What to Expect

This page discusses using Senf to search for SSNs. However, like any discovery tool there will be discovered files which do not contain SSNs, as well as potentially skipped files that do contain SSNs. Therefore, it is important to know that using Senf is only one part of the SSN discovery process, and to know all likely places where SSNs may exist before using Senf.

Senf is a self-contained java application which should run on any major operating system. The language on this page will target Windows, but Mac and Linux machines can also be scanned, so please adapt the examples to your environment.

Preparation

If you are not sure where to look for SSNs, follow our Faculty / Staff SSN Removal Guide for a better idea. Senf will scan a specific folder and any files or folders contained within. So if you have files in separate locations, you will need to run Senf more than once. Scanning your entire hard drive is not recommended, as this will generate a large amount of false positives.

The one location everyone should scan is their user profile. In Windows XP, this would likely be C:\Documents and Settings\(your username). This will include My Documents and your Desktop. If work files are stored on a separate hard drive, network drive, in stored email or listservs, or on backup CDs/DVDs, these should all be checked as well.

Running the Scan

Senf is pre-configured to provide a quality scan. However, Senf is very easy to configure within the interface, as well as in the .conf and .acl file if so desired.

1. Unzip Senf, and run Senf.jar to load the program.
2. Change the Root scan path: to the first location you wish to scan. You should also make sure that Minimum number of matches: is set to 1 and Check last modified date? is unchecked.
3. Next, click the LogFile Options tab. If no location is set for LogFile the log and report will be written in the same folder as Senf. It is important to realize logs and reports generated by Senf are inherently sensitive documents if they point to files containing SSNs.
4. Encryption is suggested, but safeguarding the log files is necessary either way. Without encryption, the report file that Senf generates can be viewed in a text editor; otherwise it must be loaded through Senf, which will be explained further below.

Run the scan once everything is checked. Senf can be minimized, or run overnight, though the program is rather fast for a scanning program.

Interpreting the Results

Once the scan is complete, the top window will stop generating the log file, and the middle window will display the results. Click on a result to display the potential SSN in the top window. If you are not sure if the number is an SSN, double click on a result to display the entire contents of that file. Some files may not display properly, so you will need to manually go to that file's location and load the file to check if SSNs exist. There will be plenty of false positives, so it is important to know what is and is not an SSN:

• Checksum="415799579">xgQCxLTfyQE=</OriginalModDate
• 001470726F6A6563745461624C6F
• ÿÿs¼481406250
• /photos/elijah/106827685/in/set-113416

• SSN: 256-41-0000<br />
• UGAID: 256410000
• Jane Smith - 256-41-0000

One shortcoming of Senf that should be known is that the results only display as many potential SSNs in a document as set by the Minimum number of matches:. So a document that has a false SSN at the top may still have a real SSN further down the document. The bottom line is the results Senf generates are simply a guide. Ignore files that repeatedly produce false positives, and investigate further any files that might contain SSNs even without direct proof from Senf.

SSN Replacement

Once you have found files that contain SSNs, the SSN should be removed unless required by law. The Faculty / Staff SSN Removal Guide lists four options for handling SSNs. Make sure any deleted SSN files (including senf logs and reports) are beyond recovery, either by using a safe delete program, or at least emptying the recycle bin. Once you have removed all unnecessary SSNs, run Senf again to see if any were skipped over.

Alternatives to Senf!

There are plenty of other tools available, though results will vary depending on the tool. Try these out if an alternative to Senf is needed.

• Cornell's Spider
• Virginia Tech's Find_SSN
• Illinois' Firefly
• Miami's SSN Finder
• Texas' Senf home page

Further Questions?

If you have any questions, first ask for advice from the IT staff in your department. If you or they still have questions, please feel free to contact the EITS Help Desk at (706) 542-3106. The Help Desk should be able to answer frequent questions, or reach the Office of Information Security if they cannot answer your question.

• Senf FAQ
• SSN Replacement Initiative Resource Page
• Faculty / Staff SSN Removal Guide