Date: Mon, 28 Jul 2008 20:58:07 +0200 From: "Ross Cameron" <ross.cameron@linuxpro.co.za> To: "kalin m" <mail@godfur.com> Cc: freebsd-questions@freebsd.org Subject: Re: pci compliance Message-ID: <35f70db10807281158m1fa96b39o3d56f19b772ee6fa@mail.gmail.com> In-Reply-To: <488E0EF8.4030305@godfur.com> References: <488E0708.2060207@godfur.com> <35f70db10807281102q5a0b73c3h554338292e3b751a@mail.gmail.com> <488E0EF8.4030305@godfur.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 28, 2008 at 8:24 PM, kalin m <mail@godfur.com> wrote: > cool. thanks. i couldn't find anything on google under that name but i've > been looking and reading on a lot of documentation on line and print. > so i was just asking if there are any things that pertain in particular to > the freebsd os that need to be addressed before the scanning. > > how full of a penetration can you have if (almost) all incoming ports are > blocked? > > thanks.... > Depends on the PCI level you are being audited for. But there are any number of attacks you can throw at a box thats fully closed up, and the aim is not to get it but rather to chew up all the ram and cpu and kill the box off. I suggest you read the PCI compliance document for the relevant level and make sure you test the system to comply with the documented requirements.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35f70db10807281158m1fa96b39o3d56f19b772ee6fa>