From owner-freebsd-security@freebsd.org  Wed Oct 26 13:12:41 2016
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 592DFC22FCC
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Wed, 26 Oct 2016 13:12:41 +0000 (UTC) (envelope-from des@des.no)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
 by mx1.freebsd.org (Postfix) with ESMTP id 1E10FE1A;
 Wed, 26 Oct 2016 13:12:40 +0000 (UTC) (envelope-from des@des.no)
Received: from desk.des.no (smtp.des.no [194.63.250.102])
 by smtp.des.no (Postfix) with ESMTP id A992710A3D;
 Wed, 26 Oct 2016 13:12:39 +0000 (UTC)
Received: by desk.des.no (Postfix, from userid 1001)
 id 7CE164314F; Wed, 26 Oct 2016 15:12:39 +0200 (CEST)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: CeDeROM <cederom@tlen.pl>
Cc: "Robert N. M. Watson" <rwatson@freebsd.org>, freebsd-security@freebsd.org,
 Pawel Jakub Dawidek <pjd@freebsd.org>
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch [REVISED]
References: <20161025173641.BCDFD1911@freefall.freebsd.org>
 <20161026042748.GG60006@garage.freebsd.pl>
 <CAGMYy3v8KxuQfou0SmUNikghH-9NWfneoMPP_15F85WkDaUhKg@mail.gmail.com>
 <20161026061504.GH60006@garage.freebsd.pl>
 <0717BEFA-4E65-4990-AC50-FD80681C110C@FreeBSD.org>
 <CAFYkXjn39kKzcTY-pJObaVz8OGqbzCHE69kYAmRYtz5OX2kpAQ@mail.gmail.com>
 <868ttbwio9.fsf@desk.des.no>
 <CAFYkXjmYCLyQi-PHNtcP2-AALH=2QRwAWBoQDtypUvBtekTFag@mail.gmail.com>
 <864m3zwdro.fsf@desk.des.no>
 <CAFYkXjmgvNz_LpkSJq7AeQp94oXJYvKcttFrYVKLEmmEvwNhkA@mail.gmail.com>
 <86wpgvuwq2.fsf@desk.des.no>
 <CAFYkXjnDe6nuA8QCCnQoDP2CYfcxfH3VWyYXm-Y8x4cWA8FpOw@mail.gmail.com>
Date: Wed, 26 Oct 2016 15:12:39 +0200
In-Reply-To: <CAFYkXjnDe6nuA8QCCnQoDP2CYfcxfH3VWyYXm-Y8x4cWA8FpOw@mail.gmail.com>
 (cederom@tlen.pl's message of "Wed, 26 Oct 2016 14:27:24 +0200")
Message-ID: <86shrjuud4.fsf@desk.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Oct 2016 13:12:41 -0000

CeDeROM <cederom@tlen.pl> writes:
> Dag-Erling Sm=C3=B8rgrav <des@des.no> writes:
> > CeDeROM <cederom@tlen.pl> writes:
> > > I think it would be nice to have something like CIS Benchmark for
> > > FreeBSD.
> > https://benchmarks.cisecurity.org/downloads/multiform/
> Perfect :-) This is the place for benchmarking "advisories for local
> denial-of-service attacks", no? :-)

I'm not sure you understand what the CIS benchmarks are.  From the
website:

  The CIS Security Benchmarks program provides vendor-agnostic,
  consensus-based best practices to help organizations assess and
  improve their security. Resources include:

  - secure configuration benchmarks
  - automated configuration assessment tools and content
  - security metrics
  - security software product certifications

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no