- Posted by:
- aalpha.org (0%)
- Private Message:
- Message me
PCI Compliance Expert - Quick Job to Pass Scan
Plesk Dedicated Virtual Server (Media Temple)
- Position: PCI Compliance Contractor
- Company Name: Mave Global
- Salary or Project Budget: $200
- Company Website: http://www.maveglobal.com/
- Contact Name: Jason Simon
- Contact Email: Click to contact listing owner by email
- Listed: Fri, 06 Nov 2009 01:04:54 GMT
Description:
I am looking for an expert in PCI compliance to ensure that my server is PCI compliant. I will most likely use the Hacker Guardian scan service. Here are the details:
Shopping Cart: Magento
Host: Media Temple
Plan: Dedicate Virtual
Platform: Plesk (Linux 2.6.9)
Unique IP: Yes
SSL Certificate: Yes, installed
Job: While I have not yet scanned, I believe most of the PCI compliance measures are met. From what I have read, there are only several things that need to be done, I simply do not have the time to deal with these at the moment. Therefor, I am looking for someone who knows what they are doing, ideally has done this before with Plesk (and Media Temple), and can do this with some ease. From the Media Temple user boards, it looks like the biggest issues are the following:
- Disabling SSLv2 and weak ciphers
- Understanding if a port needs blocked (Media Temple will block the port, but I need to make sure there won't be any side effects and I'm not a network guy)
Here are a few references that were listed on the Media Temple user boards:
- http://www.linux-advocacy.org/web-servers/making-plesk-more-pci-compliant
- http://www.nessus.org/nessus/
- http://archives.neohapsis.com/archives/sf/pentest/2006-04/0017.html
The other part of this job is to walk me through the steps whether on the phone, through screen capture, or some other recommended way. I need to be able to somewhat support the work you do. Like I said before, I am simply running short on time and cannot investigate these network issues I am not very familiar with.
The contractor will work directly with me on phone basis (or Skype if out of country). From my assessment, the work should be fairly straight forward for someone who knows PCI compliance and networking.
We are also interested to take this up, you may check our profiles at http://www.livefreelancer.net/