Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Using snort in an PCI DSS environment

From: elof () sentor se
Date: Wed, 20 Nov 2013 15:03:47 +0100 (CET)

Anyone here using a snort sensor in an PCI environment?

I'm wondering about PCI compliance regarding logging of potential card 
numbers...


Say I have a snort sensor in a PCI environment.
Nothing in the sensor is configured to detect and log card numbers on 
purpose. Only normal IDS-rules are enabled.

Do PCI still force me to encrypt the harddrive just because there is a 
possibility that a card number *could* accidentally be logged?


What do your QSA say?

Yes, the sensor's HDD is in scope and must be encrypted.

or

No, a few potential card numbers, logged by accident, does not count. 
It's like saying you need to encrypt your mailserver's harddrive just 
because someone can e-mail you card numbers even though you haven't asked 
for them.

/Elof

------------------------------------------------------------------------------
Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing 
conversations that shape the rapidly evolving mobile landscape. Sign up now. 
http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: