• PCI compliance failure: 403 and 404 errors

    In a recent scan done by our PCI compliance testers, we recently failed a PCI test. Here's what it said: Configure the HTTP server to specify the same error documents for both 403 (Forbidden) and 404 (Page Not Found) responses. The site is running on a drupal installation and our drupal .HTAccess...

    ITKE434,585 pointsBadges:
  • How to prevent users from using EFS encryption in Windows Server 2003?

    I have two related question regarding Windows Server 2003: 1- How do I prevent users from using EFS encryption? 2- If a file, or a folder, is already encrypted using EFS by a user and the file permissions have been changed to prevent admin from deleting this file, how can the admin recover the...

    WindowsServerATE335 pointsBadges:
  • How can I be PCI compliant?

    My friend and I are developing a financial software, in turn connect it to a third party credit card company (which would be PCI compliant). As of today, we are not PCI compliant and we're not planning it. However, we want to save the four digits of PAN to help front line staff identity. So if we...

    ITKE434,585 pointsBadges:
  • Vulnerability from PCI scan

    We recently had a PCI scan on one of our websites that was passed to us by a client. Here's one of the vulnerabilities that we got back: Network service: 80/443 Application URL: The response contains SQL Server errors. This suggests that the hazardous characters inserted by the test penetrated the...

    ITKE434,585 pointsBadges:
  • Phone hacking remotely

    Can a phone be hacked and controlled from a remote location? Like from a laptop? Can you hack it and send and receive text from that phone but not be on it and not actually have it or access to it?

    Bsmith198835 pointsBadges:
  • SSL cipher for PCI compliance on AWS

    For the past few weeks, we've been trying for PCI compliance on a load balanced EC2 instance on AWS. Here's our issue: The load balancer accepts weak ciphers. But ELB doesn't support the cipher suite so we have to manually do it one-by-one. What should we do here? What's a good strong cipher for us?

    ITKE434,585 pointsBadges:
  • Can we host a PCI compliant application on Azure?

    I've been trying to host an application on Windows Azure that would store people's credit card information of users who would want to buy monthly subscriptions for a monthly fee. We just have to store the card data as secure as possible. And we know we have to be PCI compliant. Will Azure allow us...

    ITKE434,585 pointsBadges:
  • Checking for SSL vulnerabilities on a web server

    Would there be a way to check a website's SSL vulnerability issues? We're going through a PCI check and we need to make sure our site is compliant with PCI DSS standards. Thank you very much!

    ITKE434,585 pointsBadges:
  • Configure PCI compliant environment

    I have a few questions related to PCI compliance (since my organization is starting to get into credit card processing). Basically, how can we configure a PCI compliant environment? And how do we secure a build server? Thanks!

    ITKE434,585 pointsBadges:
  • PCI DSS check failing with IIS 7.0

    One of our clients is currently having their website validated so they can accept credit card payments on their site. One of the biggest failures they got back was that they're leaking the internal IP address. But they are running IIS 7.0, which we thought wouldn't do that. We checked the headers...

    ITKE434,585 pointsBadges:
  • How to set up a proxy server without a domain address

    Is there a way to setup a proxy server without having to use a domain address?

    SecureBrowsing5 pointsBadges:
  • How to get my Ubuntu system PCI DSS compliant

    I'm trying to get PCI compliant and a scanning company flagged our Ubuntu system for not being compliant. What should we do here? It has to do with our open_basedir, which they don't support. Thank you for your help.

    ITKE434,585 pointsBadges:
  • Fix password issue on IBM Thinkpad

    Removal HHD password IBM Thinkpad x61. Upon start up password requested by means of computer with padlock icon. Remove HHD and restart, icons are still produced. presume HHD on motherboard. Where is the location of the motherboard? How do I fix this password problem?

    MargaretVetere5 pointsBadges:
  • Is there a way to isolate PCI compliance?

    Our company is currently in the process (but not storing) of credit card data. We also authorize the cards through a developed app using the authorize.net API. Now, if it's possible, we would like to limit the requirements of PCI that would affect our servers to an isolated separate environment. Is...

    ITKE434,585 pointsBadges:
  • How to see which ports are forwarded in Sonicwall?

    I have a tz105 with SonicOS Enhanced 5.8.1.6-3o firmware. I've created many custom services for remote access, most of them RDP using various ports. Where can I find which ports are associated with each rule? In simpler products, the "forwarded port" is listed right next to your "virtual server" or...

    mnsjake665 pointsBadges:
  • Facebook account keeps getting hacked

    My account was getting hacked again an again, even after changing Facebook as well Gmail password again and again. What should I do?

    simranmehra85 pointsBadges:
  • File Transfer, MVS to a Windows Server

    Currently I create and manually move main frame files (PDS) to a Windows Server manually. How can incorporate moving and renaming main frame files from the mainframe to a Windows server in a Batch job step. Assume I will be using a batch SFTP step.

    DavidHuenger5 pointsBadges:
  • PCI compliance rules for storing credit card numbers

    I apologize for the 'newbie' question but does anyone know what the PCI rules to follow are for storing credit card numbers in a database? Can anyone point me in the right direction?

    ITKE434,585 pointsBadges:
  • Would SQL Azure be PCI DSS compliant?

    I'm using a separate Windows Server that is PCI-DSS compliant, is it still compliant if I had SQL Azure hosting the backend? I'm currently only storing permitted values. Thank you very much!

    ITKE434,585 pointsBadges:
  • Storing billing data in a MySQL database: A PCI compliance violation?

    For the past several months, I've been developing a shopping cart and I need to store Name, Billing, Address and Zip Code into a MySQL database. I'm doing this because a returning customer wouldn't have to re-enter billing information. Also, I'm not storing any credit data. Just to ask, am I in...

    ITKE434,585 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following