I use a second card processor in addition to CashNet, and they're
demanding proof of PCI compliance asap, lest they begin with the fines.
When I use the SecureWorks scanning service, I keep failing (well,
*I'm* not a failure; my secure machines are).
Looking at the failure points, it appears that if I close port 8080,
the machine cannot be scanned, but when open, the scan complains about
SSL on the port.
Question for those of you who have passed: do I need to get certs for
the *firewalls* behind which these machines sit? Or perhaps you have
other tips that you can pass along * I won't post the scan logs here
and bore everyone.
--
Kim Geiger
Information Technologist
Broadcasting Services
Michigan State University
517-432-3120 x 429
|