LMS 4.2 PCI - DSS update
Hi,
Currently i'm using LMS 4.2[compliance report feature] pulled an PCI DSS report. in the report there 27 kind of rule titles.
i needed to update the same to newer version available so all the rule titles are visible in the report. are there any update regarding the compliance reports??
Regards,
Channa
Hi All,
Any suggestions??
Regards,
Channa
Similar Messages
-
Looks like the RV042G needs another firmware updates as the units we have in the field are now not passing PCI DSS Scans. Dealing with the compliance scanning companies, they are telling me that the firmware is the way to fix this. Here are the errors reported:
Cross-site scripting vulnerability in portalname parameter to /cgibin/userLogin.cgi - FAIL
Description: Several types of web servers and CGI programs include the user's request in their response. For example, a request for the page http://server/nonexistent_page.html may cause server to respond: The page nonexistent_page.html does not exist on this server.
Response splitting vulnerability in portalname parameter to /cgibin/userLogin.cgi - FAIL
Description: Some programs on web servers place user- supplied parameters into certain HTTP headers.
I am using port 443 for remote access to the devices. Moving the port simply changes the reported failure to that port. Any suggestions or has anyone heard for a firmware update coming soon for this device?
Thanks. JohnHi dwyerja01,
Unfortunately I do not think Cisco is going to do anything about this. I have emailed my sales support contact (no response), called tech support (clueless on when or if there will be a firmware update - the only way to fix this) and posted here (no response from Cisco).
With that said, we have begun a transition away from Cisco Small Business gear. While this is disappointing for us, supporting their router platform is just not a priority for them (or so it seems).
If we get lucky, maybe a new firmware will drop. Fingers crossed!
If I find or get more information I will post back here (please do the same).
John -
PCI DSS Compliance - Requirements 5 & 6
We are currently applying for PCI Compliance, and are required to answer the following questions. Since our solution is hosted on Windows Azure, are these questions relevant? Can anyone please suggest where we might establish the answers to these, with respect
to our Azure environment?
Requirement 5: Use and regularly update anti-virus software or programs
5.1: Is anti-virus software deployed on all systems commonly affected by malicious software?
5.1.1: Are all anti-virus programs capable of detecting, removing and protecting against all known types of malicious software (for example, viruses, Trojans, worms, spyware, adware, and rootkits)?
5.2: Is all anti-virus software current, actively running, and generating audit logs, as follows:
(a) Does the anti-virus policy require updating of anti-virus software and definitions?
(b) Is the master installation of the software enabled for automatic updates and scans?
(c) Are automatic updates and periodic scans enabled?
(d) Are all anti-virus mechanisms generating audit logs, and are logs retained in accordance with PCI DSS Requirement 10.7?
Requirement 6: Develop and maintain secure systems and applications
6.1:
(a) Are all system components and software protected from known vulnerabilities by having the latest vendor-supplied security patches installed?
(b) Are critical security patches installed within one month of release?Have a look at Microsoft Endpoint Protection for Windows Azure.
http://blogs.msdn.com/b/windowsazure/archive/2012/03/26/microsoft-endpoint-protection-for-windows-azure-customer-technology-preview-now-available-for-free-download.aspx
http://blog.maartenballiauw.be/post/2012/03/27/Protecting-Windows-Azure-Web-and-Worker-roles-from-malware.aspx -
What is PCI DSS(),how it can be implemented, it can be on Portal
Hi Frndz,
This is Rajesh am actualy EP Consultant,we have a requirment to implemet PCI DSS, n this is the first time am hearing this word.
Can anybody give me the story about PCI DSS and tell me how to implment it.
And kindly let me know it can be implement on portal(WDP java, j2ee).,if not tell me how and on what techlogies needed to implement.
Regards
RajeshDid you ever find a solution?!?
Thank you
Heiko
mawa-solutions GmbH -
Data Security Standard PCI-DSS - SAP Datacenter
Hello,
one of our prospect asked the following question: Does the SAP Datacenter in Germany fullfill the requirements of PCI-DSS?
It seems that this Standard is related to the Payment Card Processing.
I checked all certifiates but I don´t find any infomation about that Standard.
Best Regards
Andreas CzechHi Gina,
Did you find good information about PCI-DSS compliance topics with SAP from this forum? In particular we are looking at options to comply with requirement 11, File Integrity Monitoring.
We would appreciate any guidance.
Thank you, TMM -
PCI DSS - Payment Card Industry / Data Security Standard
Hello Guru's;
Has anyone implemented the necessary security around credit cards according to the latest PCI DSS? If so - I'd like to chat about that. It's no longer just encrypting the credit card information, it's much more... Would love to hear good and bad.
Thanks!
GinaHi Gina,
Did you find good information about PCI-DSS compliance topics with SAP from this forum? In particular we are looking at options to comply with requirement 11, File Integrity Monitoring.
We would appreciate any guidance.
Thank you, TMM -
Achieving PCI DSS compliance of BPEL/ESB components ?
Hi all,
I'd like to get some input on achieving compliance with the Payment Card Industry Data Security Standard (PCI DSS). Issues arise in particular with dehydration and audit trails vs. requirements 3.3 and 3.4.
Has anyone looked at this and if so, how did you approach it ?
Regards,
DiegoHave a look at Microsoft Endpoint Protection for Windows Azure.
http://blogs.msdn.com/b/windowsazure/archive/2012/03/26/microsoft-endpoint-protection-for-windows-azure-customer-technology-preview-now-available-for-free-download.aspx
http://blog.maartenballiauw.be/post/2012/03/27/Protecting-Windows-Azure-Web-and-Worker-roles-from-malware.aspx -
PCI DSS 1.0 and PCI DSS 1.1
I was looking at the spec sheets and was wondering what are the differences between PCI DSS 1.0 and PCI DSS 1.1?
here is a high summary of what is different, and a link to the full details of the differences:
Section 6.6 ? Added requirement for application code review or application firewall to be used
Section 11.1 Clarified that wireless analyzers should be used periodically, even if wireless is not currently deployed.
Section 12 - Added requirement for a policy to manage connected entities, including maintaining a list, implementing appropriate due diligence, ensuring connected entities are PCI DSS compliant, and having an established process to connect and disconnect entities.
https://www.pcisecuritystandards.org/pdfs/pci_summary_of_pci_dss_changes_v1-1.pdf -
PCI DSS 3.0 Section 11.5
PCI DSS 3.0 Section 11.5 says this: "Deploy a change-detection mechanism (for example, file-integrity monitoring tools) to alert personnel to unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly."
Has anyone figured out a solution for this? I submitted a VMware support ticket asking and they said they have no tool/app today that does this nor could they recommend any. I find it rather surprising this standard has been effective since Jan 1, 2015 and there is hardly any info on what people are doing to fulfil this (and 11.5.1) requirement. Thanks!Hello,
Then you really want to look into HyTrust CloudCOntrol and/or Catbird vSecurity as it will monitor changes to a host for you. The reporting is to monitor for change drift or unauthorized changes. How you do that depends on how you feel you should do it. If I monitor the contents of a file for change, it does not mean I need to monitor the entire file for change. Contents is really what is important not the actual file itself.
If your QSA is really stuck on you must have a file integrity monitor, then they are sticking to the letter of the law, so to speak, instead of the intent. I would fire them and get one that truly understands the intent. Also, if you control access to the management console, that is also a compensating control and that is captured as well. You need to think how those files would change in the first place and if I can control said change, log said change, etc. then I have a compensating control that is sufficient.
I can also use the hardening guide to monitor critical files for change as well by monitoring the critical settings within those files. I have a tool that does just that as do many others.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009-2015
Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.
Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast -
LMS 4.1 Device Package Update
Hi,
I'm having problems updating packages for my new install of LMS Prime 4.1 and hoped someone here could help in diagnosing why. I've attached the psu.log file.
Thanks in advance.Yeah, for Inventory Config And Image Management (the traditional RME functions, in LMS 3.x lingo), you have to perform a separate "Software Update" (vis-a-vis Device Update, which is apparently for CiscoView). That's described in the same aforementioned URL, a little further up, Admin -> System -> Software Center -> Software Update:
http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.1/user/guide/admin/swcenter.html#wp1096852
The following page describes, in not-so-clear terms, whether it's Software Update or Device Update that's needed to get newer hw/sw recognized by the various pieces of LMS 4.1.
http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.1/device_support/table/lms41sdt.html -
CiscoWorks LMS 3.2 unable to update device packages
Chaps,
This is a new install of LMS 3.2 with the Campus Manager patched to 5.2.1.
I'm unable to install any new device updates, if I use the GUI and Check for Updates then it says that none are available. The Device Count Type for Campus Manager is 0 although and my 3750X stacks are not supported.
Any ideas?
JimTry to install the update manually. Open CLI on the server, navigate to $NMSRoot\bin directory and execute the commands:
1. PSUCli.bat -p cm -dst -download CMDeviceUpdates , On providing cisco.com credentials CMDeviceUpdates.zip will be
downloaded to "\cm" location. For example if is
C:\psu_download then package will be under C:\psu_download\cm.
2. Install the package by executing below command:
PSUCli.bat -p cm -install -src\cm CMDeviceUpdates -
LMS 3.2 RME Device Update failed
Hello experts,
I got a new error on my LMS 3.2 with RME 4.3.1
I can´t install any of the RME Device updates.
e.g. : "Installation failed for product [Resource Manager Essentials] with message : com.cisco.nm.xms.psu.packagemgmt.InstallerException: Repository in use. Another Package Support Updater client session may be modifying device support."
I looked up for a .lock file in my CW dir but there is no one.
NMSROOT/Psu.Lock and NMSROOT/www/classpath/com/cisco/nm/xms/psu/Psu.Lock does not exist.
There are no other .lock files in the CW dir and subdirs.
I attatched a psu.log file. Maybe u will see the failure.
What I tried:
- Restart daemon
- install from cisco.com
- install from local dir
... everytime the package installation failed.
Bye,
PatrickYou will need an identical server (RME 4.3.1) with an updated/healthy package repository. If you have that, you can follow these steps to regenerate maps:
1. Shutdown daemons:
net stop crmdmgtd
2. On the bad server, delete all .zip files under the two RME package repositories:
NMSROOT\www\classpath\com\cisco\nm\xms\psu\pkgs\rme
NMSROOT\MDC\tomcat\webapps\rme\WEB-INF\lib\pkgs
3. Copy all of the packages under one of the above locations on the good server to both of these locations on the bad server.
4. Delete your bad rme*.map files under NMSROOT/www/classpath/com/cisco/nm/xms/psu/maps/ and replace them with the good ones.
5. Restart daemons:
net start crmdmgtd -
LMS 4.0.1 - Device update problem for CiscoView
Hello,
I would like to update all CiscoView packages for my customer.
When I do :
Admin> System> Software Center> Device Update
I have a list of several updates to do :
Showing 1-15 of 15 records
Package Name
Type
Product Name
Installed Version
Available Version
Readme
Posted Date
size
1.
ASR1000
DevicePackage
CiscoView
3.0
4.0
ASR1000.cv50.v4-0.readme
NA
NA
2.
Cat3560
DevicePackage
CiscoView
9.0
11.0
Cat3560.cv50.v11-0.readme
NA
NA
3.
Cat3750
DevicePackage
CiscoView
12.0
13.0
Cat3750.cv50.v13-0.readme
NA
NA
4.
Cat6000IOS
DevicePackage
CiscoView
31.0
31.2
Cat6000IOS.cv50.v31-2.readme
NA
NA
5.
CVGenericPackage
DevicePackage
CiscoView
1.4
1.5
CVGenericPackage.cv50.v1-5.readme
NA
NA
6.
Cisco3400ME
DevicePackage
CiscoView
4.0
5.0
Cisco3400ME.cv50.v5-0.readme
NA
NA
7.
MetroEthernet
DevicePackage
CiscoView
2.0
MetroEthernet.cv50.v2-0.readme
NA
NA
8.
Nexus5000
DevicePackage
CiscoView
1.0
Nexus5000.cv50.v1-0.readme
NA
NA
9.
Nexus7000
DevicePackage
CiscoView
2.0
3.0
Nexus7000.cv50.v3-0.readme
NA
NA
10.
Rtr3900
DevicePackage
CiscoView
4.0
5.0
Rtr3900.cv50.v5-0.readme
NA
NA
11.
Rtr1900
DevicePackage
CiscoView
2.0
3.0
Rtr1900.cv50.v3-0.readme
NA
NA
12.
Rtr1800
DevicePackage
CiscoView
9.0
10.0
Rtr1800.cv50.v10-0.readme
NA
NA
13.
NGMARShare
DevicePackage
CiscoView
1.15
1.17
NGMARShare.cv50.v1-17.readme
NA
NA
14.
Rtr800
DevicePackage
CiscoView
16.0
18.0
Rtr800.cv50.v18-0.readme
NA
NA
15.
SwitchAddlets
DevicePackage
CiscoView
1.28
1.31
NA
NA
But when I try to do these update, it always fails and I can see in the Event logs, this message :
Number of Packages Selected for Install : 1
For Product(s) : CiscoView
Install Invoked by user : admin
The Package(s) Selected for Install :
CVGenericPackage
WARNING : CVGenericPackage(1.5):Consistency check failed for base package SwitchAddletsWhat can I do to update my CiscoWorks please ?
No package(s) to install for : CiscoView
Thank you.
Regards,
Stephane.And for each individual device package I'm trying to update, I receive this error message :
Error
The installation of device package(s) failed.
Check Software Center > Activity Log > Event Log for details.
And the Event log show me this (for example, for the Cat3560 package) :
Number of Packages Selected for Install : 1
For Product(s) : CiscoView
Install Invoked by user : admin
The Package(s) Selected for Install :
Cat3560
No package(s) to install for : CiscoView
But when I do Device Update again (even if I Stop and Restart the Deamon Manager), I still see the same device packages list.
This problem is very annoying.
Do you want me to upload any other log ? -
LMS 4.1 Device Packages Update Installation
Hello, i used the software center to download latest device packages, all downloaded to PSU_Downloads folder , i want to know how to install them with GUI if possible , as i tried to use CLI but it seems that i'm using bad syntax.
Best Regards.The cli syntax can be a bit tricky. If you have already downloaded the updates, you can perform the updates using the downloaded copies as your source. Please see step 2 of the procedure listed here, specifically:
To check for updates from a server, select the Enter Server Path radio button and enter the path or browse to the location using the Browse tab. -
W2003 DNS cache snooping vulnerability for PCI-DSS compliance.
Hi everyone.
How can I solve this security vulnerability reported by Nessus(security software) with W2003's DNS ?
DNS Server Cache Snooping Remote Information Disclosure
Synopsis:
The remote DNS server is vulnerable to cache snooping attacks.
Description:
The remote DNS server responds to queries for third-party domains that do not have the recursion bit set. This may allow a remote attacker to determine which domains have recently been resolved via this name server, and therefore which hosts have been recently
visited. For instance, if an attacker was interested in whether your company utilizes the online services of a particular financial institution, they would be able to use this attack to build a statistical model regarding company usage of that financial institution.
Of course, the attack can also be used to find B2B partners, web-surfing patterns, external mail servers, and more. Note: If this is an internal DNS server not accessable to outside networks, attacks would be limited to the internal network. This may include
employees, consultants and potentially users on a guest network or WiFi connection if supported.
Risk factor:
Medium
CVSS Base Score:5.0
CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
See also:
http://www.rootsecure.net/content/downloads/pdf/dns_cache_snooping.pdf
Solution:
Contact the vendor of the DNS software for a fix.
Plugin output:
Nessus sent a non-recursive query for example.com and received 1 answer : 192.0.43.10
I have been searching for a solution at the web...but I was unabled to find one..that could let me to use "recursion" at our DNS server.
We have an internal DNS server for Active Directory, with a forwarding to resolve external internet domains as is a requirement by our application..but now the only way to fix this is to disable "recursion" and we are working with external IP address instead
of internet DNS names..but this is not a good solution for us.
I found something about spliting DNS functions, but my point is that we have all the servers internal and DMZ, inside the same AD domain..so we need to use the same DNS server AD integrated, notwithstanding we must resolve external DNS records for our application...How
can I do this without getting the same vulnerability again ? I don´t know how to do it disabling "recursion"..If I disable recursion I will be unable to resolve external DNS names.
Any suggestion will be really appreciated!!
thx!!That's basically for your internet facing DNS. I wouldn't worry about it too much for internal DNS, since that's only hosting your internal AD zone.
Other than setting the "Secure cache against polution" setting, you can also opt to disable caching of all records so each and every query is a fresh query. This actually fixes CNAME vs A record TTL mismatch issues, too, not that you're probably seeing them
or not, but just wanted to add that:
Description of DNS registry entries in Windows 2000 Server, part 2 of 3 (applies to 2003, 2008 & 2008 R2)
http://support.microsoft.com/kb/813964
Cannot resolve names in certain top level domains like .co.uk.
http://blogs.technet.com/b/sbs/archive/2009/01/29/cannot-resolve-names-in-certain-top-level-domains-like-co-uk.aspx
============
To turn off or disable local cache: (WIndows 2000 notes, but they apply to all current OS's)
Set the MaxCacheTtl to 0 in the registry or use Dnscmd
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters
Value: MaxCacheTtl
Type: DWORD
Default: NoKey (Cache for up to one day)
Function: Set maximum caching TTL.
MaxCacheTtl
Type: DWORD
Default value: 0x15180 (86,400 seconds = 1 day)
Function: Determines how long the DNS server can save a record of a
recursive name query.
You can use the MaxCacheTtl registry entry to specify how long the DNS
server can save a record of a recursive name query.
If the value of the MaxCacheTtl entry is 0x0, the DNS server does not save
any records.
The DNS server saves the records of recursive name queries in a memory cache
so that it can respond quickly to new queries for the same name. Records are
deleted from the cache periodically to keep the cache content current. The
interval when the records remain in the cache typically is determined by the
value of the Time to Live (TTL) field in the record. The MaxCacheTtl entry
establishes the maximum time that records can remain in the cache. The DNS
server deletes records from the cache when the value of this entry expires,
even if the value of the TTL field in the record is greater.
Change method
To change the value of the MaxCacheTtl entry, use Dnscmd.exe, a tool that is
included with the Windows 2000 Support Tools. The change is effective
immediately so that you do not have to restart the DNS server.
Start method
DNS reads its registry entries only when it starts. If you change the value
of the MaxCacheTtl entry by editing the registry, the changes are not
effective until you restart the DNS server.
Note the following items: . Windows 2000 does not add the MaxCacheTtl entry
to the registry. You can add it by editing the registry or by using a
program that edits the registry.
The MaxCacheTtl entry does not affect Windows Internet Name Service
(WINS) data that is saved in the DNS memory cache. WINS data is saved until
the Cache Timeout Value on the WINS record expires. To view or change the
Cache Timeout Value on the WINS record, use the DNS snap-in. Right-click a
zone name, click Properties, click the WINS tab, and then click Advanced.
===============================
Ace
Ace Fekay
MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights.
Maybe you are looking for
-
Hi, I would like to know how to add a folder so that when extracted the file structure is maintained. Thanx in advance -Dani.
-
Printing a pdf document leaves most of the "t"s not printing. The same document on another laptop using the same printer works fine, so its not the printer. It also happens when we us a network printer. Using a Dell laptop running WIN7 and the lat
-
Ovi Suite to sync music from Network Drive
Ovi Suite will not allow me to select a Network Drive as the source folder for music - is this just a problem for me, or is this a fetaure of OviSuite ? Tks
-
Does Any One Know The Default Font For The OS X 10.4 ?
I changed it now i can't find my back hehe and does anyone know how to reset the OSX ? will it affect my plug-ins authorisations ? thanks guys
-
TS1425 How to delete duplicates on my I-pod 5th gen.
After numerous times trying to delete dupicates on my 5th gen. i-pod, i'ts still not resonding