FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 05-25-2012, 05:22 PM
Arun Khan
 
Default PCI/DSS compliance on CentOS

I have a client project to implement PCI/DSS compliance.

The PCI/DSS auditor has stipulated that the web server, application
middleware (tomcat), the db server have to be on different systems.
In addition the auditor has also stipulated that there be a NTP
server, a "patch" server,

The Host OS on all of the above nodes will be CentOS 6.2.

Below is a list of things that would be necessary.

1. Digital Certificates for each host on the PCI/DSS segment
2. SELinux on each Linux host in the PCI/DSS network segment
3. Tripwire/AIDE on each Linux host in the PCI/DSS segment
4. OS hardening scripts (e.g. Bastille Linux)
5. Firewall
6. IDS (Snort)
6. Central “syslog” server

However, beyond this I would appreciate any comments/feedback /
suggestion if you or your organization has undergone a PCI/DSS audit
and what are the gotchas that you encountered, especially with respect
to CentOS/ open source stack.

I came across this which kind of brings out issues between the
implementer and the PCI/DSS auditor.
<http://webmasters.stackexchange.com/questions/15098/pci-dss-compliance-for-a-vps-using-centos>

Thanks very much.

--
Arun Khan
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 09:11 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org