[ic] PCI Compliance

Ky Hisberg kyhis2005 at yahoo.com
Wed Jun 16 01:22:01 UTC 2010


>> Has anybody had to take any special technical or other steps (outside of
>> firewall, and other basic sys-admin tasks) in order to ensure a "PCI
>> Compliant" Interchange?
>>
Not Interchange specific but one that is causing some issues with 
testing new versions, unless we are doing somethings wrong.  In order to become PCI Compliant we had to turn off telnet and only leave ssh on, which is 
causing problems during the "make test".  Now four out of the six test during the running of "make test"
come back as NOT O.K. it says that that is o.k. but one wonders.  Is there anyway to fix this?  I was able t upgrade but I am now having issues with the install of new catalogs and do not know if one has to do with the other.  Has anyone any thoughts on this? 

>
> It's not so bad.  I added the following to my apache2 config to fix
> some SSL issues:
>
> SSLProtocol all -SSLv2
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:-eNULL

My ISP is giving me some grieve about this, as this is supposedly a special install/configuration.  Will/could this have any effect on anything but the method that encrypts encrypted traffic?  

Thanks 

Kyle  


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.icdevgroup.org/pipermail/interchange-users/attachments/20100615/277998b2/attachment.htm>


More information about the interchange-users mailing list