[Chugalug] Prepping a Linux server for PCI Compliance..
chris.rimondi at gmail.com
Fri Mar 14 12:27:06 UTC 2014
If money isn't an option I would pick Nessus any day over nearly every
other vulnerability scanner. However, if you want to go the free route:
http://www.openvas.org/. Like Stephen said, give it root creds so it is
On Thu, Mar 13, 2014 at 8:08 PM, AverageSecurityGuy <
stephen at averagesecurityguy.info> wrote:
> Do you have a link to the specific requirements of the SAQ C and D
> testing? If not, Nessus has a lot of PCI compliance checks. You will need to
> give the Nessus scanner root access to the box to be most effective. Nessus
> also has a number of built-in web application checks which will be useful.
> You can also use BurpSuite to scan the web site. Nessus has a free home
> edition which will let you test up to 10 devices. A full license will cost
> you $1500. BurpSuite is $299 unless you know someone that has a copy and is
> willing to scan the site for you. :)
> Stephen Haywood
> Owner, ASG Consulting
> CISSP, OSCP
> On Mar 13, 2014, at 5:06 PM, Mike Harrison <cluon at geeklabs.com> wrote:
> > I know there are some security nutcases on the list.. so I am asking:
> > I'm setting up a system to host a simple,
> > yet carefully created application and submit it for PCI Compliance (SAQ
> > C and maybe even SAQ D (service provider)) and am wondering what tools were
> > available that would simulate the scans that they will be going for..
> > Or should I just load up Backtrack and such and fire away?
> > Which I should do anyway.. but I am looking first to emulate what they
> > would be doing.
> > Anyone out there specialize in such things (even for money)?
> > --Mike--
Chris Rimondi | http://twitter.com/crimondi | securitygrit.com