DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

PCI Compliance

  • robertb24
  • Topic Author
  • Junior Member
04 Apr 2012 13:13 #71793 by robertb24
Replied by robertb24 on topic Re: PCI Compliance
I agree, but what choice do you have? The bank charges me an additional £50 on my merchant account if I am not compliant. Nice earner for them!

16 Apr 2012 13:56 #71909 by toph3r
Replied by toph3r on topic Re: PCI Compliance

robertb24 wrote: I agree, but what choice do you have? The bank charges me an additional £50 on my merchant account if I am not compliant. Nice earner for them!



I've been through two PCI audits, and the firm for whom I worked made extensive use of SNMP. So, you (and your auditor) are misunderstanding the requirements.

Further, you quote the CVE exploits to which your SNMP daemon is susceptible. Disabling SNMP is not the long-term solution. Patching your SNMP daemon (with updates supplied by your OS / network vendor) is the correct way.

I'm sorry to say this, but it seems a significant amount of clue is missing from the OP.

16 Apr 2012 13:57 #71910 by toph3r
Replied by toph3r on topic Re: PCI Compliance

drummerjohn wrote: So true... PCI is the biggest money spinning waste of time I have ever encountered. All leveraged by the banks.



Dare I attempt to defend PCI DSS, but in theory PCI is actually a good attempt by the industry to implement ISO27001 standards on firms. This can only be a good thing.

18 May 2012 20:38 #72277 by drewy
Replied by drewy on topic Re: PCI Compliance
It's a box-ticking exercise.


Moderators: ChrisSami