pci compliance
kalin m
mail at godfur.com
Mon Jul 28 18:25:01 UTC 2008
cool. thanks. i couldn't find anything on google under that name but
i've been looking and reading on a lot of documentation on line and print.
so i was just asking if there are any things that pertain in particular
to the freebsd os that need to be addressed before the scanning.
how full of a penetration can you have if (almost) all incoming ports
are blocked?
thanks....
Ross Cameron wrote:
> On Mon, Jul 28, 2008 at 7:51 PM, kalin m <mail at godfur.com> wrote:
>
>
>> hi all...
>>
>> i'm about to submit a freebsd system to be scanned for pci compliance...
>>
>> is there any particular gotchas with bsd systems that can be detected at
>> the time of pci compliance scanning?
>> i know they use something like nmap if not nmap itself and i did myself on
>> that machine and didn't find anything interesting.
>> but one of the consultants that was 'advising' the company i work for said
>> "we use similar (as in nmap) approach but it's (much) more intrusive".
>> anybody knows what does that mean?
>>
>> thanks...
>>
>
>
> The PCI auditing process is a full penetration test.
> It's very thorough and not at all easy to pass.
>
> Get hold of a copy of "The penetration tester's handbook" and make sure u
> pass all the tests in the book and u should be ok
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list