JL> Date: Tue, 14 May 2002 07:28:29 -0700 JL> From: Jeff Lasman
JL> And how about a procedure in place to get those credit card JL> numbers OFF the system on a regular basis so if it is hacked, JL> you won't end up on the six-o'clock news. The big thing is to ensure that any CC info that might be written to disk is asymmetrically encrypted or randomly encrypted (a la OpenBSD swap partitions). Storing on a bastion system doesn't hurt. I'm writing something that even zeroes RAM where CC info was kept after processing. But, then, I'm paranoid. (And, no, that's not a plug. We have no current plans to sell the software in question.) -- Eddy Brotsman & Dreger, Inc. - EverQuick Internet Division Phone: +1 (316) 794-8922 Wichita/(Inter)national Phone: +1 (785) 865-5885 Lawrence ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <[EMAIL PROTECTED]>, or you are likely to be blocked. _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
