Dealing with auditors (was Re: We hit half-million: The Cidr Report)

William Herrin bill at
Thu May 1 15:52:07 UTC 2014

On Thu, May 1, 2014 at 6:29 AM, Alain Hebert <ahebert at> wrote:
>     Bill & Telnet...
>         I hope that QSA didn't let you keep that telnet facing any
> public interface without any protection.

Hi Alain,

The point I made, successfully, was that it was outside the firewall
hence out of scope for the audit. What I do in a different security
domain from the one which handles the credit card transactions is none
of their business.

Bill Herrin

William D. Herrin ................ herrin at  bill at
3005 Crane Dr. ...................... Web: <>
Falls Church, VA 22042-3004

More information about the NANOG mailing list