From owner-freebsd-questions@freebsd.org Fri Mar 9 12:22:57 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 89D16F4978B for ; Fri, 9 Mar 2018 12:22:57 +0000 (UTC) (envelope-from dave@daveharker.com) Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-db5eur01on0077.outbound.protection.outlook.com [104.47.2.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT TLS CA 4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D04907485D for ; Fri, 9 Mar 2018 12:22:56 +0000 (UTC) (envelope-from dave@daveharker.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=daveharker.onmicrosoft.com; s=selector1-daveharker-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=BYrc3ibfXePUEzHeagTU1CBSqd0Uqiwf2IZN2JnA9Yg=; b=DK4xDlyFBJdqDzAitL9fDI+GkgiqpDgQ67z/6OQMyD/7ohhUuOEBydJSl0+FYIRSebgkxdnqSDCYtV0TGt4gZBeSFrYAI2IOlEJyTNmFmtmP7srgOM81cFjseok2BrJA9HfvGujDUPc4VQ42DG7qjPfXbHA/e9toRYBi2q+RgJE= Received: from HE1PR1001MB0876.EURPRD10.PROD.OUTLOOK.COM (10.167.193.8) by HE1PR1001MB1242.EURPRD10.PROD.OUTLOOK.COM (10.171.95.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.13; Fri, 9 Mar 2018 12:22:52 +0000 Received: from HE1PR1001MB0876.EURPRD10.PROD.OUTLOOK.COM ([fe80::d06b:21b0:11d7:54cf]) by HE1PR1001MB0876.EURPRD10.PROD.OUTLOOK.COM ([fe80::d06b:21b0:11d7:54cf%13]) with mapi id 15.20.0567.015; Fri, 9 Mar 2018 12:22:52 +0000 From: Dave Harker To: "freebsd-questions@FreeBSD.org" Subject: FreeBSD NIST or CIS Hardening Thread-Topic: FreeBSD NIST or CIS Hardening Thread-Index: AQHTt6FYfrUkUmhF+kCPUZ6sMZ9eKw== Date: Fri, 9 Mar 2018 12:22:52 +0000 Message-ID: Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=dave@daveharker.com; x-originating-ip: [193.240.153.162] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; HE1PR1001MB1242; 7:6jnplRYAk5kHOHB0OU5nxc9LUh4sk1lAgFSzF9jOpYMmjCfG++L8EFiQcjGWcmZ7pVHXPVHfT89Es9/3EIKtPtU0T4W8+Ef4HHX3Z6436TL7Ei/iATAj92w+YPDtBcJtI07HK/75hAb07R6J8BjGnTCkNULD11kHx5DA4wN3QWHrBqX1CVKEf9jOba5epkZTcatTVS0+76J7z4uHBV67CFm6J3ZeZNIi20sU+Lb4uyKnL772IY+mFdfAi+gx4zqM x-ms-exchange-antispam-srfa-diagnostics: SSOS; x-ms-office365-filtering-correlation-id: 777668a1-8936-41fb-e950-08d585b87af9 x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(7021125)(5600026)(4604075)(3008032)(4534165)(7022125)(4603075)(4627221)(201702281549075)(7048125)(7024125)(7027125)(7028125)(7023125)(2017052603328)(7153060)(7193020); SRVR:HE1PR1001MB1242; x-ms-traffictypediagnostic: HE1PR1001MB1242: x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(273802758526341); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(5005006)(8121501046)(3231220)(944501244)(52105095)(93006095)(93001095)(3002001)(10201501046)(6041310)(20161123564045)(20161123558120)(2016111802025)(20161123562045)(20161123560045)(6072148)(6043046)(201708071742011); SRVR:HE1PR1001MB1242; BCL:0; PCL:0; RULEID:; SRVR:HE1PR1001MB1242; x-forefront-prvs: 0606BBEB39 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(396003)(39830400003)(366004)(39380400002)(346002)(189003)(199004)(7736002)(2351001)(99286004)(6116002)(102836004)(3846002)(3660700001)(5250100002)(2501003)(186003)(6506007)(33656002)(26005)(316002)(3280700002)(81166006)(81156014)(966005)(478600001)(82746002)(14454004)(606006)(8676002)(106356001)(97736004)(8936002)(25786009)(59450400001)(2906002)(5640700003)(83716003)(6436002)(105586002)(6306002)(6512007)(54896002)(68736007)(66066001)(6486002)(5660300001)(6916009)(236005)(36756003)(53936002)(2900100001)(86362001)(15398625002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR1001MB1242; H:HE1PR1001MB0876.EURPRD10.PROD.OUTLOOK.COM; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: daveharker.com does not designate permitted sender hosts) x-microsoft-antispam-message-info: YMSN9iZnC45jQETVRdzXrP65LVNZ2hrYUkaccK+4t5vFFj/45LSGv+26E10/gPoz03QnNUJT22O/49dAOefm/qZKx9gof4sMIngqVFpCa0zgS+qsqDukw49+vow6bEEj8GPyOgP9aL4OV9EH2zaF4DZzM4ZwlspU+ZZSpU/Iiw6VDfkOW7Bn2g/ZRNAuRMlDl2OPXB8vlPWoF/C5Z4xsl1P1je93SjJhUZU76LreSByZaa9QNrWbBO0LSZuKrfr+2vaAVdxwfBPeqe+pzxm2GhkqmLqyFJilAVmnsNScYh3wuCalBEicjI229J2XnozbxI62HkkHFqsotJAc0Oieag== spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: daveharker.com X-MS-Exchange-CrossTenant-Network-Message-Id: 777668a1-8936-41fb-e950-08d585b87af9 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Mar 2018 12:22:52.3968 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 20adbdcb-1008-44f7-9df7-7646ccdd1402 X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR1001MB1242 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Mar 2018 12:22:57 -0000 Hi, I notice that the last CIS Hardening Benchmark is from 2004 and is for vers= ion 4.10. https://www.cisecurity.org/wp-content/uploads/2018/02/FreeBSD_benchmark_v1.= 0.5.pdf Is there any effort underway to produce either an up to date CIS Benchmark = or a specific NIST Stig to certify FreeBSD for high assurance use? - Dave