full-disclosure-uk April 2010 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Compliance Is Wasted M

Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds

From: Digital X <digitalx00_at_nospam>
Date: Mon Apr 26 2010 - 12:48:05 GMT
To: Tracy Reed <treed@ultraviolet.org>, Nick FitzGerald <nick@virus-l.demon.co.uk>

> PCI only requires antivirus for systems commonly affected by
> viruses. This means Windows. PCI security council has said that UN*X
> OSs etc. are not required to have antivirus.
> --
> Tracy Reed
> http://tracyreed.org

Just an FYI...if your nix devices are in scope, my last audit (4 weeks ago)
directed me to install A/V plus a rootkit finder on linux devices in scope.
Whitelisting is an alternative, but seems more a headache then A/V. Hope
this helps someone somewhere.


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/