Re: Dealing with auditors (was Re: We hit half-million: The Cidr Report)

2014-05-01 Thread TGLASSEY
Bill - anything that puts another routable network alongside of the card processing info is in scope. The real issue is that the PCI-SSC decided to formally create a policy to hold the auditors harmless in their actions and that is about to change. Todd On 5/1/2014 8:52 AM, William Herrin w

Re: Dealing with auditors (was Re: We hit half-million: The Cidr Report)

2014-05-01 Thread William Herrin
On Thu, May 1, 2014 at 6:29 AM, Alain Hebert wrote: > Bill & Telnet... > > I hope that QSA didn't let you keep that telnet facing any > public interface without any protection. Hi Alain, The point I made, successfully, was that it was outside the firewall hence out of scope for the a

Re: Dealing with auditors (was Re: We hit half-million: The Cidr Report)

2014-05-01 Thread Alain Hebert
ther reason PCI is not necessarily > about security > > David > > -Original Message- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Ulf Zimmermann > Sent: Wednesday, April 30, 2014 8:36 PM > To: William Herrin > Cc: nanog@nanog.org > Subject: Re

RE: Dealing with auditors (was Re: We hit half-million: The Cidr Report)

2014-04-30 Thread David Hubbard
rs (was Re: We hit half-million: The Cidr Report) The auditors VMware sent to us were just as bad. To ensure we weren't running "rogue" ESX(i) servers or WorkStation, they made us provide full arp/cam tables. Then a list of the virtual machines. "Oh look, this MAC isn't lis

Re: Dealing with auditors (was Re: We hit half-million: The Cidr Report)

2014-04-30 Thread Ulf Zimmermann
The auditors VMware sent to us were just as bad. To ensure we weren't running "rogue" ESX(i) servers or WorkStation, they made us provide full arp/cam tables. Then a list of the virtual machines. "Oh look, this MAC isn't listed as one of your virtual machines". It isn't because it was running on vi

Re: Dealing with auditors (was Re: We hit half-million: The Cidr Report)

2014-04-30 Thread William Herrin
On Wed, Apr 30, 2014 at 5:23 PM, Larry Sheldon wrote: > On 4/30/2014 11:30 AM, valdis.kletni...@vt.edu wrote: >> And in that discussion, we ascertained that what the PCI standard actually >> says, and what you need to do in order to get unclued boneheaded auditors >> to sign the piece of paper, ar