
@diyan
Last active February 9, 2024 17:58
PCI DSS. Useful resources

PCI DSS

NOTE: Work in progress

TODO: Identity management, two-factor auth, OpenVPN, Logstash, log shippers, IIS logs, OSSEC, Snort, Suricata, Snorby, restart IIS w/o admin role

PCI DSS. Guidelines

REQ 10.1, 10.2. Tools. Resource access tracking

REQ 10.1, 10.2. Tools. Resource access tracking. auditd

REQ 10.1, 10.2. Tools. Resource access tracking. rootsh

REQ 10.3. Tools. Log management

REQ 10.3. Tools. Log management. nxlog

PCI DSS. Tools. Vulnerability management

PCI DSS. Tools. Penetration testing

PCI DSS. Python apps

@mboelen

mboelen commented Oct 15, 2015

@0cjs

0cjs commented Jul 18, 2017

When it comes to log management, the first thing you should always be looking at on modern systems (RHEL/CentOS 7+, Debian 8+ and derivatives) is Systemd's Journal (journald/journalctl etc.). These systems in fact use the journal as their main logging system, and all files in /var/log are either generated by rsyslogd reading copies of the messages from the journal or are generated by programs (such as auditd and often Apache) that avoid the standard logging system (/dev/log etc.) completely.
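An added example (not from the gist or the comment above) of checking the point the comment makes: it parses `journalctl -o json` output and groups entries by journald's `_TRANSPORT` field, which records whether a message arrived through /dev/log, the native journal API, a unit's stdout, the kernel ring buffer, or the audit subsystem. The sample export is constructed; the transport values and their meanings are journald's documented ones.

```python
import json
from collections import Counter, defaultdict

# How each journald _TRANSPORT value reached the journal. _TRANSPORT is a
# "trusted" field set by journald itself, so a logging client cannot forge it.
TRANSPORT_PATH = {
    "syslog": "/dev/log socket (classic syslog API)",
    "journal": "native journal API (sd_journal_send)",
    "stdout": "stdout/stderr of a systemd unit",
    "kernel": "kernel ring buffer (/dev/kmsg)",
    "audit": "kernel audit subsystem via netlink",
    "driver": "journald's own internal messages",
}

# Constructed sample of `journalctl -o json` output, one JSON object per line.
SAMPLE_EXPORT = "\n".join([
    '{"_TRANSPORT":"syslog","SYSLOG_IDENTIFIER":"sshd","MESSAGE":"Accepted publickey for alice"}',
    '{"_TRANSPORT":"journal","SYSLOG_IDENTIFIER":"systemd","MESSAGE":"Started OpenSSH server daemon."}',
    '{"_TRANSPORT":"stdout","SYSLOG_IDENTIFIER":"myapp","MESSAGE":"request id=42 status=200"}',
    '{"_TRANSPORT":"audit","MESSAGE":"type=USER_LOGIN msg=audit(1700000003.000:101): res=success"}',
    '{"_TRANSPORT":"kernel","MESSAGE":"audit: type=1400 apparmor=DENIED"}',
    '{"_TRANSPORT":"syslog","SYSLOG_IDENTIFIER":"sudo","MESSAGE":"alice : TTY=pts/0 ; COMMAND=/bin/ls"}',
])

def parse_export(text):
    """Parse line-delimited JSON; blank lines are skipped, malformed ones raise."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]

def transport_counts(entries):
    """Count entries per _TRANSPORT; a missing field is reported as 'unknown'."""
    return Counter(e.get("_TRANSPORT", "unknown") for e in entries)

def sources_by_transport(entries):
    """Map each transport to the sorted SYSLOG_IDENTIFIERs seen on it."""
    seen = defaultdict(set)
    for e in entries:
        seen[e.get("_TRANSPORT", "unknown")].add(e.get("SYSLOG_IDENTIFIER", "<none>"))
    return {t: sorted(ids) for t, ids in seen.items()}

def not_via_dev_log(entries):
    """Entries that never passed through /dev/log. A syslog daemon that reads only
    /dev/log (rsyslog imuxsock) misses these unless it also reads the journal."""
    return [e for e in entries if e.get("_TRANSPORT") != "syslog"]

if __name__ == "__main__":
    entries = parse_export(SAMPLE_EXPORT)
    for transport, n in transport_counts(entries).most_common():
        print(f"{transport:8}{n:3}  {TRANSPORT_PATH.get(transport, 'unknown transport')}")
    print(f"{len(not_via_dev_log(entries))} of {len(entries)} entries bypassed /dev/log")
```

On a real host, feed it `journalctl -o json --since today` to see which of your sources would be lost if rsyslog were reading /dev/log alone.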
