Dealing with auditors (was Re: We hit half-million: The Cidr Report)
bill at herrin.us
Thu May 1 15:52:07 UTC 2014
On Thu, May 1, 2014 at 6:29 AM, Alain Hebert <ahebert at pubnix.net> wrote:
> Bill & Telnet...
> I hope that QSA didn't let you keep that telnet facing any
> public interface without any protection.
The point I made, successfully, was that it was outside the firewall
hence out of scope for the audit. What I do in a different security
domain from the one which handles the credit card transactions is none
of their business.
William D. Herrin ................ herrin at dirtside.com bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
More information about the NANOG