[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds

To: Tracy Reed <treed@xxxxxxxxxxxxxxx>, Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds
From: Digital X <digitalx00@xxxxxxxxx>
Date: Mon, 26 Apr 2010 06:48:05 -0600

> PCI only requires antivirus for systems commonly affected by
> viruses. This means Windows. PCI security council has said that UN*X
> OSs etc. are not required to have antivirus.
> 
> -- 
> Tracy Reed
> http://tracyreed.org

Just an FYI...if your nix devices are in scope, my last audit (4 weeks ago)
directed me to install A/V plus a rootkit finder on linux devices in scope.
Whitelisting is an alternative, but seems more a headache then A/V.  Hope
this helps someone somewhere.

James


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds
  - From: Shaqe Wan

References:
- Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds
  - From: Tracy Reed

Prev by Date: Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds
Next by Date: Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds
Previous by thread: Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds
Next by thread: Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds
Index(es):
- Date
- Thread