[ic] PCI Compliance
Jon Jensen
jon at endpoint.com
Wed Jun 16 18:42:10 UTC 2010
On Tue, 15 Jun 2010, Ky Hisberg wrote:
> In order to become PCI Compliant we had to turn off telnet and only
> leave ssh on, which is causing problems during the "make test". Now
> four out of the six test during the running of "make test" come back as
> NOT O.K. it says that that is o.k. but one wonders. Is there anyway to
> fix this?
I don't think your disabling telnet has anything to do with Interchange's
"make test" failing. Most of us haven't run telnetd on our servers for 10+
years, and the tests work fine.
What else did you change around the same time? Did you set up any firewall
rules? Change or enable SELinux or AppArmor? Etc.
>> It's not so bad. I added the following to my apache2 config to fix
>> some SSL issues:
>>
>> SSLProtocol all -SSLv2
>> SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:-eNULL
>
> My ISP is giving me some grieve about this, as this is supposedly a
> special install/configuration. Will/could this have any effect on
> anything but the method that encrypts encrypted traffic?
Nope. It's a "special configuration", sure, in the sense that anything you
do in Apache is special. But it's common to adjust the SSL* settings per
SSL virtual host as the above does.
Jon
--
Jon Jensen
End Point Corporation
http://www.endpoint.com/
More information about the interchange-users
mailing list