PCI-1.3.4:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 13:50, 27 February 2007 by Mdpeters.

Examine firewall and router configurations to verify that connections are restricted between publicly accessible servers and components storing cardholder data, as follows:

  • Determine that the firewall performs stateful inspection. Only established connections should be allowed in, and only if they are associated with a previously established session.


Testing Guidance:
Engage a port scanner such as [NMAP] on all TCP and UDP ports with the “syn reset” or “syn ack” bits set.

  • A response means packets are allowed through even if they are not part of a previously established session.
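To show why this probe separates stateful inspection from a stateless “permit established” rule, here is an added Python model that is not part of the HORSE page or any vendor's code: it replays unsolicited SYN/ACK and ACK packets, plus one genuine reply, against two constructed filter policies. The addresses, ports, `Packet` type and both filter classes are all assumptions made up for the illustration.

```python
from dataclasses import dataclass

INSIDE = "10.0.0.5"      # constructed: component storing cardholder data
OUTSIDE = "203.0.113.9"  # constructed: publicly accessible (DMZ) host

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    flags: frozenset  # subset of {"SYN", "ACK", "RST", "FIN"}

def stateless_established_rule(pkt: Packet) -> bool:
    """A stateless 'permit established' ACL judges each packet on its own
    flag bits: anything with ACK or RST set is assumed to be a reply."""
    return bool(pkt.flags & {"ACK", "RST"})

class StatefulFilter:
    """Tracks sessions opened from the inside; an inbound packet passes only
    if it matches a connection tuple already in the table."""
    def __init__(self):
        self.table = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def outbound(self, pkt: Packet) -> None:
        if "SYN" in pkt.flags and "ACK" not in pkt.flags:  # new session opened
            self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))

    def inbound(self, pkt: Packet) -> bool:
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.table:
            return False  # no prior session: dropped whatever the flag bits say
        if pkt.flags & {"RST", "FIN"}:
            self.table.discard(key)  # session torn down
        return True

def run_probe(stateful: bool) -> dict:
    """Replay the page's test: unsolicited SYN/ACK and ACK probes at the
    inside host, plus one reply that genuinely belongs to a session."""
    fw = StatefulFilter()
    # the inside host legitimately connected out to OUTSIDE:443 from port 51000
    fw.outbound(Packet(INSIDE, OUTSIDE, 51000, 443, frozenset({"SYN"})))
    probes = {
        "synack_probe": Packet(OUTSIDE, INSIDE, 40000, 443, frozenset({"SYN", "ACK"})),
        "ack_probe": Packet(OUTSIDE, INSIDE, 40001, 22, frozenset({"ACK"})),
        "real_reply": Packet(OUTSIDE, INSIDE, 443, 51000, frozenset({"SYN", "ACK"})),
    }
    check = fw.inbound if stateful else stateless_established_rule
    return {name: check(pkt) for name, pkt in probes.items()}
```

With the stateless rule both unsolicited probes are passed (the finding the test looks for), while the stateful table passes only the reply tied to a session it saw opened.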


--Mdpeters 08:50, 27 February 2007 (EST)