Security Basics mailing list archives
Re: PCI DSS Scanners
From: Chelsea Budzko <cbudzko () uoregon edu>
Date: Tue, 03 Apr 2012 09:21:53 -0700
PCI DSS is much more than a scan, which to my understanding is based on the presence, or lack of encryption levels sufficient to meet that PCI DSS piece of the entire requirement, which to seriously test would include an in-depth, person-to-person AND device config review, as well as the general topology of the said network. I have always found the advertisements for scanners and 'pci compliant' email clients to be hype only. They might provide the needed encryption, but the cannot in and of themselves make an organization PCI DSS compliant. hope this helps On 4/3/12 2:31 AM, skiera99 wrote:
Hi all, I need to perform a PCI DSS scan for one client. I am looking for the frameworks to do that. So far I tried: - Nessus - Rapid7 NeXpose Do you know anything else? ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- Chelsea Budkzo Information Services University of Oregon 541-346-1651 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- PCI DSS Scanners skiera99 (Apr 03)
- Re: PCI DSS Scanners TAS (Apr 03)
- Re: PCI DSS Scanners haZard0us (Apr 03)
- RE: PCI DSS Scanners Phillip Fernandes (Apr 03)
- Re: PCI DSS Scanners Chelsea Budzko (Apr 03)
- RE: PCI DSS Scanners Bill Montgomery (Apr 03)
- Re: PCI DSS Scanners skiera99 (Apr 03)
- Re: PCI DSS Scanners pentester (Apr 11)
- RE: PCI DSS Scanners Mike Vella (Apr 11)
- Re: PCI DSS Scanners Livio Gario (Apr 12)
- Re: RE: PCI DSS Scanners Adam Pal (Apr 12)
- RE: PCI DSS Scanners Mike Vella (Apr 11)
- <Possible follow-ups>
- Re: RE: PCI DSS Scanners goswamituhin (Apr 04)