
Wednesday, 08 June 2011

PCI File Integrity Monitoring - Five FAQs for PCI DSS Merchants

Requirement 11.5 of the PCI DSS specifies "the use of file-integrity monitoring tools within the cardholder data environment by observing system settings and monitored files, as well as reviewing results from monitoring activities." Additionally, "verify the tools are configured to alert personnel to unauthorized modification of critical files and to perform critical file comparisons at least weekly."
The following is part one of a two-part series listing the Top Ten FAQs for File-Integrity Monitoring that any PCI Merchant should be aware of.
1. Agent-based file monitor or Agentless file monitor?
The gut reaction is that an agentless file integrity monitor is preferable: no software deployment required, no agent updates to apply and one less process running on your server. In theory at least, by enabling Object Access auditing via Group Policy or the Local Security Policy on the server or EPoS device, it is possible to track file changes via Windows Events. You still need to work out how to get the local Windows Events back to a central log server, but you will need to do this anyway in order to comply with PCI DSS Requirement 10 (and by the way, this will definitely need an agent to be deployed to any Windows server or Till).
However, the agent-based file-integrity monitor does have some distinct advantages over the agentless approach. Firstly, by using an agent, a PCI DSS file integrity monitoring template can be provided. This comprises a blueprint for all folders and files that should be monitored to secure card data. In other words, a Windows file monitoring agent is easier to set up and configure.
Secondly, a Windows file integrity monitor can actively inventory the file system. This approach allows the PCI DSS Merchant to demonstrate compliance with PCI DSS Requirement 11.5b by performing critical file comparisons not just weekly, but on a scheduled daily basis, or even in real time for ultra-secure environments.
Finally, a file-integrity monitor for Windows that is agent-based can provide a Secure Hash Checksum of a file, which is the only infallible means of guaranteeing the identity and integrity of binary system files. See FAQ 2 for more details.
2. Why use a Secure Hash Checksum for File Integrity Monitoring?
A secure hash checksum is generated by applying a hash algorithm to a file. The algorithm used is such that the resulting hash is unique. Even a one bit difference to a file will result in a significant variation to the hash. The most common algorithms used are SHA1 and MD5. SHA1 will generate a 160-bit hash value for a file, MD5 a 128-bit value. Recording and tracking changes to the Secure Hash of a file in conjunction with tracking changes to other file attributes such as permissions, modified date and size provides an infallible means of ensuring file integrity.
3. How to implement File Integrity Monitoring for Firewalls, Switches and Routers
Typically, any Firewall, Switch and Router will have a range of configuration settings which govern the performance, operation and crucially, the security of the device and the network it is protecting.
For instance, tracking changes to the running config and the startup config of a router will reveal if any significant changes have been made that could affect the security of the network. Similarly, tracking changes to permissions and rules on a firewall will ensure that perimeter security has not been affected.
Use of file integrity monitoring for firewalls, routers and switches is a key dimension for any change management procedure and essential for a comprehensive IT Security Policy.
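As an added illustration of FAQ 3 (not code from the original article), the Python sketch below compares a saved baseline of a device config with a later capture, ignoring lines that change on their own and reporting each changed line together with the section it belongs to. The sample configs are constructed, and the list of volatile IOS-style lines is an assumption to adjust per platform.

```python
import difflib
import re

# Assumed list of IOS-style lines that change without an operator editing the config.
VOLATILE = re.compile(r"^(Building configuration|Current configuration|ntp clock-period)")

# Constructed sample baseline (not from the original article); the address is a documentation range.
BASELINE = """\
! Last configuration change at 09:12:44 UTC Mon Jun 6 2011
ip access-list extended EDGE-IN
 permit tcp any host 192.0.2.10 eq 443
 deny ip any any log
line vty 0 4
 transport input ssh
"""
# The same config after an unreviewed change: new timestamp, extra ACL entry, telnet enabled.
CURRENT = (BASELINE.replace("09:12:44 UTC Mon Jun 6", "02:31:07 UTC Wed Jun 8")
           .replace(" deny ip any any log", " permit ip any any\n deny ip any any log")
           .replace("transport input ssh", "transport input telnet ssh"))


def normalize(config_text):
    """Drop comment and volatile lines; prefix each indented line with its parent section."""
    entries, parent = [], ""
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("!") or VOLATILE.match(line):
            continue
        if line[0].isspace():
            entries.append(f"{parent} | {line.strip()}")
        else:
            parent = line
            entries.append(line)
    return entries


def config_changes(baseline_text, current_text):
    """Return (removed, added) entries; order matters, so a moved ACL line appears in both."""
    old, new = normalize(baseline_text), normalize(current_text)
    removed, added = [], []
    matcher = difflib.SequenceMatcher(None, old, new, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("replace", "delete"):
            removed.extend(old[i1:i2])
        if tag in ("replace", "insert"):
            added.extend(new[j1:j2])
    return removed, added
```

Calling config_changes(BASELINE, CURRENT) reports the extra permit entry and the vty transport change, while a capture that differs only in its timestamp comment yields no findings.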
4. File Integrity Monitoring for Web Applications
Web site Apps can generate lots of file changes that are not significant with respect to security of card data. For instance, images, page copy and page layouts may change frequently on an active ecommerce website, but none of these file changes will affect the security of the website. Depending on the web environment in use, there may be a mixture of ASP.NET (ascx, aspx, asmx and asdx files), Java (with js and jsp files), PHP, config or cnf files plus the more regular system files, such as dll and exe program files. It is essential to monitor file changes to all system files and config files for a card data application, and web applications create more of a challenge due to the highly dynamic nature of the web app file system. A good file integrity monitor for web applications will have built-in intelligence to automatically detect significant file changes only and ignore changes to other files.
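The baseline-and-compare approach from FAQ 2 combined with the filtering described in FAQ 4, as an added Python example (not code from the original article or from any FIM product). It uses SHA-256 rather than the SHA1 or MD5 named in FAQ 2, since practical collisions have been demonstrated for both; the extension policy and the sample tree built by demo() are assumptions made for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Assumed policy for this example: extensions treated as security-significant.
SIGNIFICANT_EXT = {".dll", ".exe", ".config", ".cnf", ".php", ".aspx", ".ascx", ".asmx", ".jsp", ".js"}


def snapshot(root):
    """Map relative path -> (sha256, size, mode, mtime_ns) for every file under root."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = Path(dirpath, name)
            st = full.stat()
            rel = full.relative_to(root).as_posix()
            snap[rel] = (hashlib.sha256(full.read_bytes()).hexdigest(), st.st_size, st.st_mode, st.st_mtime_ns)
    return snap


def compare(baseline, current):
    """Return (path, change, significant) for every path whose record differs."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old == new:
            continue
        if old is None or new is None:
            change = "added" if old is None else "removed"
        else:  # a hash change is reported as content even when size and date still match
            change = "content" if old[0] != new[0] else "attributes"
        significant = Path(path).suffix.lower() in SIGNIFICANT_EXT
        findings.append((path, change, significant))
    return findings


def demo():
    """Constructed sample tree: same-size config edit with its date put back, plus an image swap."""
    with tempfile.TemporaryDirectory() as root:
        cfg, img = Path(root, "web.config"), Path(root, "banner.png")
        cfg.write_bytes(b"debug=false")
        img.write_bytes(b"image-v1")
        baseline = snapshot(root)
        st = cfg.stat()
        cfg.write_bytes(b"debug=true ")  # same length as the original
        os.utime(cfg, ns=(st.st_atime_ns, st.st_mtime_ns))  # restore the old modified date
        img.write_bytes(b"image-v2")
        return compare(baseline, snapshot(root))
```

In demo() the edited web.config keeps its original size and modified date, so only the hash exposes the change, and the image swap is recorded but not flagged as significant.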
