On Mon, Jul 28, 2008 at 7:51 PM, kalin m <[EMAIL PROTECTED]> wrote:
> hi all...
> i'm about to submit a freebsd system to be scanned for pci compliance...
> is there any particular gotchas with bsd systems that can be detected at
> the time of pci compliance scanning?
> i know they use something like nmap if not nmap itself and i did myself on
> that machine and didn't find anything interesting.
> but one of the consultants that was 'advising' the company i work for said
> "we use similar (as in nmap) approach but it's (much) more intrusive".
> anybody knows what does that mean?
The PCI auditing process is a full penetration test.
It's very thorough and not at all easy to pass.
Get hold of a copy of "The penetration tester's handbook" and make sure u
pass all the tests in the book and u should be ok
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"