funsec mailing list archives

PCI DSS - a funny one because we are in funsec

From: Alexandre Dulaunoy <a () foo be>
Date: Tue, 28 Jul 2009 18:34:32 +0200

Reading "PCI DSS Requirements and Security Assessment Procedures, v1.2"[1],
I found an interesting requirement in the "paper work process" on page 28 :

"Deploy anti-virus software on all systems commonly affected by
malicious software (particularly personal computers and servers).
"

Everyone in the security field know in advance where the next
malicious software will be ;-)

I'm now guessing what will be the standard answer (especially at
heartland payment system) :

"We never had any malicious software on this system, this is not
commonly affected"

[1] https://www.pcisecuritystandards.org/security_standards/download.html?id=pci_dss_v1-2.pdf


-- 
--                   Alexandre Dulaunoy (adulau) -- http://www.foo.be/
--                             http://www.foo.be/cgi-bin/wiki.pl/Diary
--         "Knowledge can create problems, it is not through ignorance
--                                that we can solve them" Isaac Asimov
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

PCI DSS - a funny one because we are in funsec Alexandre Dulaunoy (Jul 28)
- Re: PCI DSS - a funny one because we are in funsec Drsolly (Jul 28)