Re: [GENERAL] 3des key lengths and key management

2009-07-23 Thread Christophe
On Jul 23, 2009, at 12:11 PM, Steve Atkins wrote: They asked me to open up my firewall to them, pointing at a fake server, just so they'd have something to audit, after failing our audit "because we only allowed access to the application from inside our firewall." I'm glad it wasn't just

Re: [GENERAL] 3des key lengths and key management

2009-07-23 Thread Steve Atkins
On Jul 23, 2009, at 12:11 PM, Steve Atkins wrote: 4) Is it possible to compile C or Java code that will allow me to be the only one who knows the pass-key but allow other users to encrypt/decrypt data? Yes, that's asymmetric cryptography, using something like DSA. Oops. Missed the "

Re: [GENERAL] 3des key lengths and key management

2009-07-23 Thread Steve Atkins
On Jul 23, 2009, at 10:11 AM, bulk wrote: I am working for a small company that is going through a PCI DSS audit. securitymetrics.com? (They seem to be the low bidder, with everything that implies. They asked me to open up my firewall to them, pointing at a fake server, just so they'd ha

Re: [GENERAL] 3des key lengths and key management

2009-07-23 Thread Greg Stark
On Thu, Jul 23, 2009 at 6:11 PM, bulk wrote: > 1) What are the default 3des key lengths when you load postgresql enterprise db on a redhat ES x86_64 box? Traditionally 3des can use either 112-bit or 56-bit keys. I think the openssl interface actually lets you set the third key separately now b