Back to IT Security
ABOUT SPIDER 2008 (SPIDER4)
Cornell University created an open source forensics tool called Spider which can search your computer hard drives, removable media, and network shares for files that may contain confidential data. The tool is configured to look specifically for Social Security Numbers and Credit Card Numbers but can be customized to search for other types of data.

Important Note: Depending on the size of your hard drive, the amount of data and the speed of your computer, Spider may take a significant amount of time to complete and can limit the impact of other work. It's best to run Spider at the end of your workday and check the state file the next morning. Spider can be setup for unattended scheduled scans.

Once a scan has completed, it will create a state file located at the path ¡°C://Documents and Settings/your username/Local Settings/Application Data/Spider/State¡± with the file extension .ss3. This log file will list all the files on your computer that could possibly contain confidential information. All files listed may not actually contain confidential information, (called false positives), but will give you the source to examine these files, verify if confidential information is present, and make a decision as to what action needs to be performed.

Note: Please do not contact Cornell University¡¯s help desk concerning any issues with Spider.

WARNING: The Spider log file can point directly to some very sensitive information. As a result, the file must be very well protected and removed promptly to ensure it is not used by unauthorized persons. Make sure to promptly delete the state file when you have finished researching it. The best method of deletion is to select the file, hold down Shift key and press Delete.

Download Spider4
    1.Click HERE to save a Spider 2008 download file to your computer.
Installing Spider4

To begin installing Spider, locate the zipped folder that you downloaded called ¡°Spider_Release_2008¡±. In Most cases by default it should be located on your Desktop unless you chose another destination during the download process. Once the folder is located, continue below:

  1. Open zipped folder called Spider_Release_2008.
  2. Open a second folder called Spider_Release_2008.
  3. Double Click Spider4.msifile.
  4. Select run.
  5. Select Next twice.
  6. Select Install.
  7. Select Finish.
  8. Download is complete and you can close out the Spider_Release_2008 window.
Running Spider4
  1. Delete Temporary Internet Files, Cookies and History from your web browser(s). This will speed up the scan process of Spider plus eliminate ¡°false positives¡±.
  2. If you are scanning files on a laptop, it is recommended that you plug your computer in to an electrical outlet rather than use battery power due to the fact that the scan will take a substantial amount of time.
  3. From the Start Menu, Choose All Programs ¨C Spider4 ¨C spider4.exe.
  4. A welcome screen may open giving you the following options:
    • Scan Assist (a simple scan wizard - just follow the directions)
    • Load Previous (allows you to load a previous unfinished or finished scan)
    • Just use Spider (gives more controllable scan options)
  5. If a welcome screen does not appear, and there has been a previous scan in the last hour, Spider will automatically go into ¡°Load Previous¡±. The only way to change this behavior is to delete the previous state file. It is also possible that Spider may bypass the welcome screen and go directly into ¡°Just use Spider¡±. If so, Scan Assist can be reached by selecting the Tools menu and then Scan wizard.
  6. By default Spider scans the most likely file types that may contain sensitive data such as:
        7. 1. Mailboxes
        2. Office documents including MS Office
        3. PDFs
        4. Some database formats including Fox Pro, Access, most dBase III/IV derivatives
        5. Compressed archives including ZIP, Gzip, and BZip
        6. HTML
        7. Legacy formats such as Quattro and Lotus 1-2-3 files
  7. If performing the scan during hours in which you can view the progress, adjust the Spider window so that you can view the progress meter at the bottom left corner. It is possible at times that Spider scan may seem as if it has stalled but this is actually normal and needs time to complete.
  8. Upon completion of the scan, Spider will list found matches and/or false positives. Click on the plus sign beside the file to show what match was found within the file. Right click on the file to view a list of actions you can take such as:
        1. Securely erase or move a file
        2. Move the file to the recycle bin
        3. Ignore the file as a false positive
        4. Mark the file as a valid find but leave on the computer
        5. Open the file
  9. Remember to delete the state file once cleaning is completed.