From owner-freebsd-questions@FreeBSD.ORG Mon Jul 28 18:58:08 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 88E0F106567A for ; Mon, 28 Jul 2008 18:58:08 +0000 (UTC) (envelope-from abalour@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.246]) by mx1.freebsd.org (Postfix) with ESMTP id 343358FC2A for ; Mon, 28 Jul 2008 18:58:08 +0000 (UTC) (envelope-from abalour@gmail.com) Received: by an-out-0708.google.com with SMTP id b33so4194984ana.13 for ; Mon, 28 Jul 2008 11:58:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to :sender:to:subject:cc:in-reply-to:mime-version:content-type :references:x-google-sender-auth; bh=muyb6FPnxFDakTzmfbfTT3l4+rEzPoY33cWVXfJrOKk=; b=JKnBKM5Xpx1OFsWMTVkErd1S0xLP2Jy0hYZL9zL4EkUzUsonMWP8764LlP8pFJtEoB LWhDCNF65ryRspm7ILwu0rLnYfA3DX3b5+LEHFQpHoz+SJGnsKIgpM8BjBPjsZ2TqJaO gim5qVV8sxPVchDgnfpdmR1sWOhtU7TWJzC3E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:sender:to:subject:cc:in-reply-to :mime-version:content-type:references:x-google-sender-auth; b=uMqG//kcHllaSi39kTKwPa9sY3tWcomc9+JxjxOquq4Qh+x8DDf70Vs/V0taNXw+5N bYoOEFjp8oXZ6PhVAgzxG8ygWMIuKIJIm0oxcHZ1XKEtu6R0+graw2boiLm+DELqmE2/ wG4uiBIl6bupuI5PYDbIDW4mIJuwfrL26304Q= Received: by 10.100.240.17 with SMTP id n17mr8890365anh.49.1217271487340; Mon, 28 Jul 2008 11:58:07 -0700 (PDT) Received: by 10.100.165.16 with HTTP; Mon, 28 Jul 2008 11:58:07 -0700 (PDT) Message-ID: <35f70db10807281158m1fa96b39o3d56f19b772ee6fa@mail.gmail.com> Date: Mon, 28 Jul 2008 20:58:07 +0200 From: "Ross Cameron" Sender: abalour@gmail.com To: "kalin m" In-Reply-To: <488E0EF8.4030305@godfur.com> MIME-Version: 1.0 References: <488E0708.2060207@godfur.com> <35f70db10807281102q5a0b73c3h554338292e3b751a@mail.gmail.com> <488E0EF8.4030305@godfur.com> X-Google-Sender-Auth: 3add235b768dca07 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: pci compliance X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ross.cameron@linuxpro.co.za List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2008 18:58:08 -0000 On Mon, Jul 28, 2008 at 8:24 PM, kalin m wrote: > cool. thanks. i couldn't find anything on google under that name but i've > been looking and reading on a lot of documentation on line and print. > so i was just asking if there are any things that pertain in particular to > the freebsd os that need to be addressed before the scanning. > > how full of a penetration can you have if (almost) all incoming ports are > blocked? > > thanks.... > Depends on the PCI level you are being audited for. But there are any number of attacks you can throw at a box thats fully closed up, and the aim is not to get it but rather to chew up all the ram and cpu and kill the box off. I suggest you read the PCI compliance document for the relevant level and make sure you test the system to comply with the documented requirements.