Search squid archive

Re: PCI Certification compliance lists

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I'm trying to figure out what can be done with 5.0.4.
I believe there is either a bug or misunderstanding by me what and how things should be done or configured.

The first thing is to be able to bump all and add exceptions.
The second would be to bump specific sites.
As i noticed in the past it seems that for a good splice and or bump I need the any-of acl to be used.

Its a bit different then the way squid acls work in general.

Eliezer

On Sun, Jan 3, 2021, 17:06 Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
On 4/01/21 3:12 am, ngtech1ltd wrote:
> I am looking for domains lists that can be used for squid to be PCI
> Certified.
>
> I have read this article:
> https://www.imperva.com/learn/data-security/pci-dss-certification/
>
> And couple others to try and understand what might a Squid proxy ssl-bump
> exception rules should contain.
> So technically we need:
> - Banks
> - Health care
> - Credit Cards(Visa, Mastercard, others)
> - Payments sites
> - Antivirus(updates and portals)
> - OS and software Updates signatures(ASC, MD5, SHAx etc..)
>
> * https://support.kaspersky.com/common/start/6105
> *
> https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-e
> set-product-with-a-third-party-firewall
> *
> https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s
> 55728c97_466d_4ddb_952d_05484ea932c6/Page29.jspx?wc.contextURL=%2Fspaces%2Fc
> p&articleId=TS100291&_afrLoop=641093247174514&leftWidth=0%25&showFooter=fals
> e&showHeader=false&rightWidth=0%25&centerWidth=100%25#!%40%40%3FshowFooter%3
> Dfalse%26_afrLoop%3D641093247174514%26articleId%3DTS100291%26leftWidth%3D0%2
> 525%26showHeader%3Dfalse%26wc.contextURL%3D%252Fspaces%252Fcp%26rightWidth%3
> D0%2525%26centerWidth%3D100%2525%26_adf.ctrl-state%3D3wmxkd4vc_9
>
>
> If someone has the documents which instructs what domains to not inspect it
> would also help a lot.



Are you trying to get Squid certified as a PCI WAF agent?
  or as security infrastructure agent?
  or as general networking agent?

These roles matter in regards to the PCI requirement to detect malicious
transactions.


Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux