[BBLISA] PCI compliance and Linux AV, was Re: Desktop policies and UNIX-ish operating systems
David Allan
dave at dpallan.com
Fri Jan 29 12:14:20 EST 2010
I'm not sure there's ever been a system in wide use wasn't commonly prone
to vulnerabilities. I wouldn't try to use that language to avoid scanning
if you really need to be compliant. That doesn't mean I think the
commercial scanners for *nix are useful, but I'd still run one of them if
I was worried about an audit.
Dave
On Fri, 29 Jan 2010, Tal Cohen wrote:
> Re-read the PCI DSS 1.2 standard, it only requires the virus scans for
> systems that are commonly prone to vulnerabilities.
>
> :)
>
> Tal
>
> -----Original Message-----
> From: bblisa-bounces at bblisa.org [mailto:bblisa-bounces at bblisa.org] On Behalf Of Paul Beltrani
> Sent: Friday, January 29, 2010 10:00 AM
> To: Tal Cohen
> Cc: bblisa at bblisa.org
> Subject: [BBLISA] PCI compliance and Linux AV, was Re: Desktop policies and UNIX-ish operating systems
>
> On Fri, Jan 29, 2010 at 7:07 AM, Tal Cohen <tcohen at sitespect.com> wrote:
>> That would depend on what types of compliance you are trying to meet.
>>
>> For example, PCI compliance requires periodic virus scans be performed on systems that are prone to virus attacks. This pretty much excludes all MAC and *NIX systems.
>>
> ...
>
> In my experience, PCI compliance requires periodic virus scans, full stop.
>
> It's almost laughable that we have to run AV on some of our Linux
> servers. This isn't to say Linux isn't vulnerable to viruses and
> malware. It's just there are few AV products for Linux and those that
> do exist appear to be designed to scan for Microsoft Windows issues.
> This makes sense when you consider many windows end users are served
> by Linux based file and mail systems.
>
> - Paul Beltrani
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
>
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
>
More information about the bblisa
mailing list