Educause Security Discussion mailing list archives

Re: PCI DSS compliance challenges

From: Gary Flynn <flynngn () JMU EDU>
Date: Wed, 10 Jun 2009 17:55:31 -0400

Michael Johnson wrote:

Caution, ASV Approaching...
My company is an approved scan vendor (# 3710-01-02) and we help people
scope their environment every day. We provide a FREE tool called Range
Probe that will find all open and active IPs in a range.


Do you do this by scanning a network identified by a client
as containing credit card handling devices? That seems
pretty straightforward.

Or do you put the scanner inside the identified network and
scan outwards to see what it can connect to and what is
connected to it?


--
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

Re: PCI DSS compliance challenges, (continued)
- Re: PCI DSS compliance challenges Brad Judy (Jun 10)
- Re: PCI DSS compliance challenges Greene, Chip (Jun 10)
- Re: PCI DSS compliance challenges Ellen Smout (Jun 10)
- Re: PCI DSS compliance challenges Basgen, Brian (Jun 10)
- Re: PCI DSS compliance challenges Gary Flynn (Jun 10)
- Re: PCI DSS compliance challenges Gary Flynn (Jun 10)
- Re: PCI DSS compliance challenges John Ladwig (Jun 10)
- Re: PCI DSS compliance challenges Ellen Smout (Jun 10)
- Re: PCI DSS compliance challenges Michael Johnson (Jun 10)
- Re: PCI DSS compliance challenges Ellen Smout (Jun 10)
- Re: PCI DSS compliance challenges Gary Flynn (Jun 10)
- Re: PCI DSS compliance challenges Greene, Chip (Jun 10)