💼 1.3.7 Do not disclose private IP addresses and routing information to unauthorized parties.
- Contextual name: 💼 1.3.7 Do not disclose private IP addresses and routing information to unauthorized parties.
- ID:
/frameworks/pci-dss-v3.2.1/01/03/07 - Located in: 💼 1.3 Prohibit direct public access between the Internet and any system component in the cardholder data environment.
Description​
Methods to obscure IP addressing may include, but are not limited to:
- Network Address Translation (NAT)
- Placing servers containing cardholder data behind proxy servers/firewalls,
- Removal or filtering of route advertisements for private networks that employ registered addressing,
- Internal use of RFC1918 address space instead of registered addresses.
Similar​
- Sections
/frameworks/pci-dss-v4.0/01/04/05
- Internal
- ID:
dec-c-8b5af7d0
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 1.4.5 The disclosure of internal IP addresses and routing information is limited to only authorized parties. |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 1.4.5 The disclosure of internal IP addresses and routing information is limited to only authorized parties. |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|