[squid-users] PCI Certification compliance lists
David Touzeau
david at articatech.com
Tue Jan 5 00:07:47 UTC 2021
Yes this an hton of the IP address (ip2long) , remove the .addr and
switch to long2ip
Le 04/01/2021 à 14:56, ngtech1ltd at gmail.com a écrit :
>
> Thanks David,
>
> I don’t understand something:
>
> 1490677018.addr
>
> Are these integers representing of ip addresses?
>
> Eliezer
>
> ----
>
> Eliezer Croitoru
>
> Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1ltd at gmail.com <mailto:ngtech1ltd at gmail.com>
>
> Zoom: Coming soon
>
> *From:*David Touzeau <david at articatech.com>
> *Sent:* Monday, January 4, 2021 3:25 PM
> *To:* ngtech1ltd at gmail.com; squid-users at lists.squid-cache.org
> *Subject:* Re: [squid-users] PCI Certification compliance lists
>
>
> Hi Eliezer:
>
> http://articatech.net/tmpf/categories/banking.gz
> <http://articatech.net/tmpf/categories/banking.gz>
> http://articatech.net/tmpf/categories/cleaning.gz
> <http://articatech.net/tmpf/categories/cleaning.gz>
>
>
> Le 04/01/2021 à 10:27, ngtech1ltd at gmail.com
> <mailto:ngtech1ltd at gmail.com> a écrit :
>
> Hey David.
>
> Indeed it should be done with the local websites however, These
> sites are pretty static.
>
> Would it be OK to publish theses lists online as a file/files?
>
> The main issue is that ssl-bump requires couple “fast” acls.
>
> I believe it should be a “fast” acl but we also need the option to
> use an external helper like for many other function.
>
> If I can choose between “fast” as default and the ability to run a
> “slow” external acl helper I can
> choose what is right for/in my environment.
>
> Currently I cannot program a helper that will decide if a CONNECT
> connection should be spliced or bumped programmatically.
>
> It forces me to reload this list manually which might take couple
> seconds.
>
> Thanks,
>
> Eliezer
>
> ----
>
> Eliezer Croitoru
>
> Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1ltd at gmail.com <mailto:ngtech1ltd at gmail.com>
>
> Zoom: Coming soon
>
> *From:*squid-users <squid-users-bounces at lists.squid-cache.org>
> <mailto:squid-users-bounces at lists.squid-cache.org> *On Behalf Of
> *David Touzeau
> *Sent:* Monday, January 4, 2021 10:23 AM
> *To:* squid-users at lists.squid-cache.org
> <mailto:squid-users at lists.squid-cache.org>
> *Subject:* Re: [squid-users] PCI Certification compliance lists
>
> Hi Eiezer,
>
> I can help you by giving a list but
>
> Just by using "main domains":
>
> 1. Banking/transcations : 27 646 websites.
> 2. AV sofwtare and updates sites (fw, routers...) : 133 295 websites
>
>
> I can give it to you the lists , they are incomplete and it should
> decrease squid performance by loading huge databases.
> Perhaps it is better for the Squid administrator to fill it's own
> list according it's country or company activity.
>
>
>
>
> Le 03/01/2021 à 15:12, ngtech1ltd at gmail.com
> <mailto:ngtech1ltd at gmail.com> a écrit :
>
> I am looking for domains lists that can be used for squid to be PCI
>
> Certified.
>
>
>
> I have read this article:
>
> https://www.imperva.com/learn/data-security/pci-dss-certification/ <https://www.imperva.com/learn/data-security/pci-dss-certification/>
>
>
>
> And couple others to try and understand what might a Squid proxy ssl-bump
>
> exception rules should contain.
>
> So technically we need:
>
> - Banks
>
> - Health care
>
> - Credit Cards(Visa, Mastercard, others)
>
> - Payments sites
>
> - Antivirus(updates and portals)
>
> - OS and software Updates signatures(ASC, MD5, SHAx etc..)
>
>
>
> *https://support.kaspersky.com/common/start/6105 <https://support.kaspersky.com/common/start/6105>
>
> *
>
> https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-e <https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-e>
>
> set-product-with-a-third-party-firewall
>
> *
>
> https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s <https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s>
>
> 55728c97_466d_4ddb_952d_05484ea932c6/Page29.jspx?wc.contextURL=%2Fspaces%2Fc
>
> p&articleId=TS100291&_afrLoop=641093247174514&leftWidth=0%25&showFooter=fals
>
> e&showHeader=false&rightWidth=0%25¢erWidth=100%25#!%40%40%3FshowFooter%3
>
> Dfalse%26_afrLoop%3D641093247174514%26articleId%3DTS100291%26leftWidth%3D0%2
>
> 525%26showHeader%3Dfalse%26wc.contextURL%3D%252Fspaces%252Fcp%26rightWidth%3
>
> D0%2525%26centerWidth%3D100%2525%26_adf.ctrl-state%3D3wmxkd4vc_9
>
>
>
>
>
> If someone has the documents which instructs what domains to not inspect it
>
> would also help a lot.
>
>
>
> Thanks,
>
> Eliezer
>
>
>
> ----
>
> Eliezer Croitoru
>
> Tech Support
>
> Mobile: +972-5-28704261
>
> Email:ngtech1ltd at gmail.com <mailto:ngtech1ltd at gmail.com>
>
> Zoom: Coming soon
>
>
>
>
>
>
>
> _______________________________________________
>
> squid-users mailing list
>
> squid-users at lists.squid-cache.org <mailto:squid-users at lists.squid-cache.org>
>
> http://lists.squid-cache.org/listinfo/squid-users <http://lists.squid-cache.org/listinfo/squid-users>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20210105/65adaa19/attachment-0001.htm>
More information about the squid-users
mailing list