-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 25/04/10 10:00 AM, Russ Allbery wrote: >> PCI compliance doesn't go into details. The whole thing is a crock of >> shit really. Installation of tripwire was one of the requirements on the >> list of 10,000 or so, so that's what I am trying to implement. Then >> again, so was anti-virus software on Linux... > > Welcome to the wonderful world of PCI. Have fun with password lockout! I > love security standards that require you to turn an unsuccessful > compromise attempt into a successful denial of service attack. >
I also love the fact that "compliance" to the standard is going to give a lot of enterprises the excuse to say "We are secure because we're PCI DSS compliant". /me puts head in hands at the victory of "standards" over risk management. Regards James Turnbull - -- Author of: * Pro Linux System Administration (http://tinyurl.com/linuxadmin) * Pulling Strings with Puppet (http://tinyurl.com/pupbook) * Pro Nagios 2.0 (http://tinyurl.com/pronagios) * Hardening Linux (http://tinyurl.com/hardeninglinux) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBS9QGdyFa/lDkFHAyAQJIxwgA0uI228dK8mHS3kQFlbpkWINs5Rde7dVk MTzQcIrM2rd9O8k7jz7JuysFoOC538ySsAQzAQa/5zT+S0LI7P2aEDnrqpfYAN90 VKeqDMw2eKpCas+kaquRA+m+zIKV287SjLEI8UmNgA2wxdPsiKrY1VOZcL/Qu/IN xmksJjfJELbJnGX+VrYTkcrPQ7lg5mmahmBrRBTSv314Tn12OD05nUgljsI8M/gh oUTwJoWCPxqMk7al7amwiNmDtiiVhVGePIYywsxEUVrI8JBo7dJ6fmvlqIt0hWku 2r0HbxWjOn429DZQR98ad8nMGsb4IQNSFd2lAgf4qGXTnm89V83EoA== =/r1z -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.