From owner-freebsd-security@FreeBSD.ORG Fri Dec 10 04:43:27 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 44AFA16A4CF for ; Fri, 10 Dec 2004 04:43:27 +0000 (GMT) Received: from mailserver.rolta.com (mailserver.rolta.com [202.60.128.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id BBE7043D5F for ; Fri, 10 Dec 2004 04:43:23 +0000 (GMT) (envelope-from milindyn@rolta.com) Received: (qmail 25862 invoked by uid 515); 10 Dec 2004 04:36:42 -0000 Received: from milindyn@rolta.com by mailserver by uid 512 with qmail-scanner-1.15 (clamscan: 0.54. Clear:. Processed in 2.404115 secs); 10 Dec 2004 04:36:42 -0000 Received: from unknown (HELO bdcrilbmcrp.rolta.com) ([172.16.10.9]) (envelope-sender ) by smtpd (qmail-ldap-1.03) with SMTP for ; 10 Dec 2004 04:36:39 -0000 Received: by BDCRILBMCRP with Internet Mail Service (5.5.2653.19) id ; Fri, 10 Dec 2004 10:07:07 +0530 Message-ID: From: Milind Nanal To: freebsd-security@freebsd.org Date: Fri, 10 Dec 2004 10:07:07 +0530 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" cc: stheg_olloydson@yahoo.com Subject: Re: Center for Internet Security "scoring tool" X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 04:43:27 -0000 Stheg, I have used CIS tool on RedHat linux & found effective going through the report generated after running the tool. I am new to BSD not much used to BSD stuff but since the tool is same it should give good result. Let me also try the same on my FreeBSD box. I'll keep you updated. Regards, Milind **************************************************************************** ************* NOTHING IS IMPOSSIBLE, Because Impossible itself says - I'M POSSIBLE **************************************************************************** ************* -----Original Message----- From: freebsd-security-request@freebsd.org [mailto:freebsd-security-request@freebsd.org] Sent: Thursday, December 09, 2004 5:31 PM To: freebsd-security@freebsd.org Subject: freebsd-security Digest, Vol 88, Issue 2 Send freebsd-security mailing list submissions to freebsd-security@freebsd.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freebsd.org/mailman/listinfo/freebsd-security or, via email, send a message with subject or body 'help' to freebsd-security-request@freebsd.org You can reach the person managing the list at freebsd-security-owner@freebsd.org When replying, please edit your Subject line so it is more specific than "Re: Contents of freebsd-security digest..." Today's Topics: 1. Center for Internet Security "scoring tool" (stheg olloydson) 2. Re: Center for Internet Security "scoring tool" (Giovanni P. Tirloni) ---------------------------------------------------------------------- Message: 1 Date: Wed, 8 Dec 2004 17:56:18 -0800 (PST) From: stheg olloydson Subject: Center for Internet Security "scoring tool" To: freebsd-security@freebsd.org Message-ID: <20041209015618.69267.qmail@web53908.mail.yahoo.com> Content-Type: text/plain; charset=us-ascii Hello, Has anyone tried out the security scoring tool at http://www.cisecurity.org/bench_freebsd.html? Any thoughts or opinions? Regards, stheg __________________________________ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250 ------------------------------ Message: 2 Date: Thu, 09 Dec 2004 00:46:01 -0200 From: "Giovanni P. Tirloni" Subject: Re: Center for Internet Security "scoring tool" To: stheg olloydson Cc: freebsd-security@freebsd.org Message-ID: <41B7BC69.2010904@tirloni.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed stheg olloydson wrote: > Hello, > > Has anyone tried out the security scoring tool at > http://www.cisecurity.org/bench_freebsd.html? > Any thoughts or opinions? I tried it some weeks ago on 5.3-RC1. It's a good tool to use as a checklist but don't use the score to rank your systems. It said a default install scored 5.88 and after fixing some things I increase it to 8.0 but it didn't tweaked the system too much because I hadn't much time. I'm going to play with it again next week. -- Giovanni P. Tirloni ------------------------------ _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" End of freebsd-security Digest, Vol 88, Issue 2 ***********************************************