Some time ago Cyber-Defense, the free software arm of Enclave Forensics, released a set of free scripts used to automate self-assessment of the technical controls in PCI/DSS. Specifically, the toolkit allows you to verify the security configuration of the firewall, SSL configuration on web servers, perform analysis of vulnerability reports and validate that the information flow requirements specified in sections two and three of the PCI/DSS have been properly implemented.
Cyber-Defense and Enclave Forensics today announced that an updated version of the toolkit has been released. This new version addresses questions that have been asked about being able to more specifically identify the types of information that are permitted in and out through the organization’s firewall. The analysis tool now allows the auditor, QSA or someone performing a self-assessment to specify exactly which ports and protocols are permitted both inbound and outbound. The resulting report remains an easy to read HTML format.
For this toolkit to function there are a few software requirements that are easy to meet. The toolkit expects to find that NMap, Nemesis and TCPDump are installed for firewall validations. To perform SSL Cipher analysis, OpenSSL must be installed. Of course, since the scripts are Perl based, Perl is also required.
For more information and to obtain a copy of the toolkit for free, please see here!
Also, a complete course on how to implement and manage compliance with (including how to perform technical self-assessments) using this toolkit and a 200+ page coursebook is available through SANS. In fact, there’s a conference planned for this June. The hands on PCI/DSS 1.2 compliance course is being offered on June 21 and 22. There is also a hands on Advanced IT Audit Course being offered from June 15 through June 20 covering all you need to know about Firewalls, Routers, Web Application Security, Windows Auditing and UNIX auditing!