From owner-freebsd-questions@FreeBSD.ORG Mon Jul 28 18:25:01 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0A0621065734 for ; Mon, 28 Jul 2008 18:25:01 +0000 (UTC) (envelope-from mail@godfur.com) Received: from mail.el.net (mail.el.net [64.81.218.253]) by mx1.freebsd.org (Postfix) with ESMTP id A267F8FC1E for ; Mon, 28 Jul 2008 18:25:00 +0000 (UTC) (envelope-from mail@godfur.com) Received: (qmail 68044 invoked by uid 1008); 28 Jul 2008 19:30:21 -0000 Received: from unknown (HELO kalins-macbook-pro.local) (kalin@el.net@74.1.12.115) by mail.el.net with ESMTPA; 28 Jul 2008 19:30:21 -0000 Message-ID: <488E0EF8.4030305@godfur.com> Date: Mon, 28 Jul 2008 14:24:56 -0400 From: kalin m User-Agent: Thunderbird 2.0.0.16 (Macintosh/20080707) MIME-Version: 1.0 To: ross.cameron@linuxpro.co.za References: <488E0708.2060207@godfur.com> <35f70db10807281102q5a0b73c3h554338292e3b751a@mail.gmail.com> In-Reply-To: <35f70db10807281102q5a0b73c3h554338292e3b751a@mail.gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: pci compliance X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2008 18:25:01 -0000 cool. thanks. i couldn't find anything on google under that name but i've been looking and reading on a lot of documentation on line and print. so i was just asking if there are any things that pertain in particular to the freebsd os that need to be addressed before the scanning. how full of a penetration can you have if (almost) all incoming ports are blocked? thanks.... Ross Cameron wrote: > On Mon, Jul 28, 2008 at 7:51 PM, kalin m wrote: > > >> hi all... >> >> i'm about to submit a freebsd system to be scanned for pci compliance... >> >> is there any particular gotchas with bsd systems that can be detected at >> the time of pci compliance scanning? >> i know they use something like nmap if not nmap itself and i did myself on >> that machine and didn't find anything interesting. >> but one of the consultants that was 'advising' the company i work for said >> "we use similar (as in nmap) approach but it's (much) more intrusive". >> anybody knows what does that mean? >> >> thanks... >> > > > The PCI auditing process is a full penetration test. > It's very thorough and not at all easy to pass. > > Get hold of a copy of "The penetration tester's handbook" and make sure u > pass all the tests in the book and u should be ok > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >