v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space

• Previous message (by thread): v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
• Next message (by thread): Seeking FIOS tech support with two (or more) brain cells
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>However the PCI DSS does contain a "Compensating controls" section, which
>allows for the use of functionality which "provide[s] a similar level of
>defense" to the stated requirements, where the stated requirements can not
>be followed due to "legitimate technical or documented business
constraints"
>
>Now the fact that RFC1918 addresses don't work with IPv6 is clearly a
>"legitimate technical ... constraint", so as long as you could successfully
>argue that a stateful firewall or other measures in place provided
>equivalent security as NAT you should be fine.


Excellent loophole!
Although I wonder how many clueful auditors are out there and able to make
this fly ...

• Previous message (by thread): v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
• Next message (by thread): Seeking FIOS tech support with two (or more) brain cells
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]