Firewall Wizards mailing list archives
Re: PCI DSS & Firewalls
From: "Mark" <firewalladmin () bellsouth net>
Date: Mon, 6 Apr 2009 08:37:18 -0400
Brian Loe wrote: "What I would VERY MUCH LIKE is a "checklist" like the first set of instructions I got for (well, it's late and I can't remember the acronym - and it's since been changed anyway - DoD crap)...."

Oh let me guess! Is it the STIG? Security Technical Implementation Guide? Oh, and now we have the infamous "DISA Gold", which will hit you with a bunch of CAT 1&2 findings if the system is actually supposed to work.

I've also noticed that between the STIGs, checklists (there are checklists in addition to the STIG, and they are simply called Windows XP Security Checklist or Desktop Applications Security Checklist, etc.) and FDCC there are conflicting security measures, making it impossible to ever be "fully" compliant. I will cite a simple example that I recall from the top of my not-yet-balding head (paraphrased, not quoted):

Finding - You have more than one user in the Administrators group on the computer. For best security, you should only have one user in the Administrators group on a machine.

Finding - You do not have a backup Administrator account on the machine. For best security, you should create a second Administrator account on the computer and keep the password locked in a safe area so that, in case no Administrators are available, an authorized individual can still perform administrative functions on the computer.

(Goes back to lurking - Mark)

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards