Monday, June 29, 2009

Payment Card Industry Standards and Regulations.

The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

The PCI Security Standards Council will enhance the PCI DSS as needed to ensure that the standard includes any new or modified requirements necessary to mitigate emerging payment security risks, while continuing to foster wide-scale adoption.

Ongoing development of the standard will provide for feedback from the Advisory Board and other participating organizations. All key stakeholders are encouraged to provide input, during the creation and review of proposed additions or modifications to the PCI DSS.

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:

Build and Maintain a Secure Network.
Requirement 1: Install and maintain a firewall configuration to protect cardholder data.

Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters.

Protect Cardholder Data.
Requirement 3: Protect stored cardholder data.

Requirement 4: Encrypt transmission of cardholder data across open, public networks.

Maintain a Vulnerability Management Program.
Requirement 5: Use and regularly update anti-virus software.

Requirement 6: Develop and maintain secure systems and applications.

Implement Strong Access Control Measures.
Requirement 7: Restrict access to cardholder data by business need-to-know.

Requirement 8: Assign a unique ID to each person with computer access.

Requirement 9: Restrict physical access to cardholder data.

Regularly Monitor and Test Networks.
Requirement 10: Track and monitor all access to network resources and cardholder data.

Requirement 11: Regularly test security systems and processes.

Maintain an Information Security Policy.
Requirement 12: Maintain a policy that addresses information security.


For more information, and to download the standard and its supporting documentation, visit https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml.

Saturday, June 27, 2009

Internet Protocol and IP Addresses Overview

Every machine on the Internet or a private network has a unique identifying number.
This is called an Internet Protocol Address, or IP Address.

To a computer, an IP address looks something like this: 11011000.00011011.00111101.10001001.
That number is written in binary form. To make it easier for people to read and remember, the IP address is translated into decimal form.

In decimal form the above address is 216.27.61.137.
Before we move forward, let's define what an octet is.

An octet is a group of 8 binary digits (1's and 0's) that makes up one part of the IP address. Each IP address has 4 such groups, or 4 octets. Each digit represents a bit, and of course 8 bits equal a byte.

There are 3 valid classes of IP addresses: Class A, B and C.

The first octet of a class A IP address ranges from 1 to 126. Valid network numbers are from 1.0.0.0 to 126.0.0.0, so the number of possible networks in this class is 126 (2^7 - 2). The number of hosts that can belong to each network is 16777214 (2^24 - 2).

The first octet of a class B IP address ranges from 128 to 191. Valid network numbers are from 128.1.0.0 to 191.254.0.0, so the number of possible networks in this class is 16382 (2^14 - 2). The number of hosts that can belong to each network is 65534 (2^16 - 2).

The first octet of a class C IP address ranges from 192 to 223. Valid network numbers are from 192.0.1.0 to 223.255.254.0, so the number of possible networks in this class is 2097150 (2^21 - 2). The number of hosts that can belong to each network is 254 (2^8 - 2).

Notice that as the number of networks in each class increases, the number of hosts that each network can accommodate decreases. This is because every address is 32 bits, or 4 bytes, long, and each byte (8 bits, one octet) used for the network part is a byte not available for the host part.

In terms of bits and bytes, a class A IP address has an 8-bit network address and a 24-bit host address. A class B IP address has a 16-bit network address and a 16-bit host address. Finally, a class C IP address has a 24-bit network address and an 8-bit host address.

In the calculations above you may have noticed that each count takes the form of 2 raised to some power no greater than 32, minus 2.
Example:
To find out how many networks and hosts are possible for a class A network, we perform the following calculations.
First, we know it's a class A network. By definition the network part of the IP address is 8 bits long, and we also know that an IP address cannot be more than 32 bits long, so 32 - 8 = 24: the host part of the address is 24 bits long. 2^8 - 2 = number of networks; 2^24 - 2 = number of hosts in each network.
Why the - 2?
You must subtract 2 IP addresses from each calculation because one is used as the broadcast address and the other as the network ID.
Normally an IP address is accompanied by a subnet mask. The subnet mask lets a computer determine which part of the address identifies the network and therefore how many hosts are in the network.
Class A subnet mask is 255.0.0.0.
Class B subnet mask is 255.255.0.0.
Class C subnet mask is 255.255.255.0.
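The binary-to-decimal conversion and the classful arithmetic described in this post, worked through in code. This is an added example written for this page, not code from the original post; the address 216.27.61.137 is the one used above, the other sample addresses are constructed, and the class table reuses the first-octet ranges and the 2^n - 2 network and host counts the post gives for classes A, B and C. It goes slightly beyond the text by also computing the network ID and broadcast address from the default mask, and by rejecting first octets (0, 127, 224 and above) that fall outside the three classes.

```python
"""Classful IPv4 helpers: binary <-> dotted-decimal conversion, class lookup,
network/host counts and default subnet masks (added example, constructed)."""
from dataclasses import dataclass

# First-octet ranges and network-part length for each class, as in the post.
CLASS_TABLE = {
    "A": (1, 126, 8),
    "B": (128, 191, 16),
    "C": (192, 223, 24),
}
# Leading bits that are fixed per class (0, 10, 110); these are not free for
# numbering networks, which is why the post counts 2^7, 2^14 and 2^21 networks.
FIXED_PREFIX_BITS = {"A": 1, "B": 2, "C": 3}


def binary_to_dotted(binary: str) -> str:
    """'11011000.00011011.00111101.10001001' -> '216.27.61.137'."""
    octets = binary.split(".")
    if len(octets) != 4 or any(len(o) != 8 or set(o) - {"0", "1"} for o in octets):
        raise ValueError("expected four 8-bit binary octets separated by dots")
    return ".".join(str(int(o, 2)) for o in octets)


def parse_dotted(dotted: str) -> list[int]:
    """Validate a dotted-decimal address and return its four octets."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError("expected four decimal octets")
    octets = [int(p) for p in parts]
    if any(not 0 <= o <= 255 for o in octets):
        raise ValueError("each octet must be in the range 0..255")
    return octets


def dotted_to_binary(dotted: str) -> str:
    """'216.27.61.137' -> '11011000.00011011.00111101.10001001'."""
    return ".".join(format(o, "08b") for o in parse_dotted(dotted))


def int_to_dotted(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


@dataclass(frozen=True)
class ClassInfo:
    ip_class: str
    network_bits: int
    host_bits: int
    networks: int            # assignable networks in this class (2^n - 2)
    hosts_per_network: int   # assignable hosts per network (2^h - 2)
    default_mask: str
    network_id: str
    broadcast: str


def classify(dotted: str) -> ClassInfo:
    """Determine the class of an address and the figures the post derives from it."""
    octets = parse_dotted(dotted)
    first = octets[0]
    for name, (low, high, net_bits) in CLASS_TABLE.items():
        if low <= first <= high:
            break
    else:
        raise ValueError(
            f"{dotted}: first octet {first} is outside classes A-C "
            "(0, 127 and 224 and above are reserved)")
    host_bits = 32 - net_bits
    networks = 2 ** (net_bits - FIXED_PREFIX_BITS[name]) - 2
    hosts = 2 ** host_bits - 2
    # Default mask: ones over the network bits, zeros over the host bits.
    mask_int = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    addr_int = int.from_bytes(bytes(octets), "big")
    network_int = addr_int & mask_int                  # host bits all zero
    broadcast_int = network_int | (~mask_int & 0xFFFFFFFF)  # host bits all one
    return ClassInfo(name, net_bits, host_bits, networks, hosts,
                     int_to_dotted(mask_int), int_to_dotted(network_int),
                     int_to_dotted(broadcast_int))


if __name__ == "__main__":
    addr = binary_to_dotted("11011000.00011011.00111101.10001001")
    print(addr, "->", classify(addr))
    for sample in ("10.1.2.3", "130.5.9.2", "127.0.0.1"):   # constructed samples
        try:
            print(sample, "->", classify(sample))
        except ValueError as exc:
            print("rejected:", exc)
```

The network ID and broadcast address are the two addresses the post subtracts from each host count: the one with all host bits zero and the one with all host bits one.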

Sunday, June 7, 2009

How to Administer a Headless Solaris Server

I only confirmed this with Sun Ultra 5/10 workstations but I'm sure that in some form or another it's true for all Sun workstations and servers.
If, during boot-up, a Sun workstation or server does not detect an input device such as a keyboard or mouse, the console is redirected to COM 1. This is helpful when installing Solaris from scratch on a headless server.
A null modem cable and terminal emulation software such as PuTTY are also needed.