From owner-freebsd-questions@FreeBSD.ORG Mon Jul 28 18:02:41 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8C26F106566B for ; Mon, 28 Jul 2008 18:02:41 +0000 (UTC) (envelope-from abalour@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.244]) by mx1.freebsd.org (Postfix) with ESMTP id 341D88FC08 for ; Mon, 28 Jul 2008 18:02:40 +0000 (UTC) (envelope-from abalour@gmail.com) Received: by an-out-0708.google.com with SMTP id b33so4126180ana.13 for ; Mon, 28 Jul 2008 11:02:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to :sender:to:subject:cc:in-reply-to:mime-version:content-type :references:x-google-sender-auth; bh=Se4ya4TywgAZaeA/KgwPDFgiLrk6MGpkdEl+/y4TC4o=; b=vC/3tiwudt8uRLm5iKlxJvcL1KgkAp/5i+8CwJ8ryBW/o8PWOe6l3SB4JRTjwiuDSB MBuePKl0DFpNiXrgW6YwX0SmeoqIfW0t0kJBuA6uL9roEhZNyn5k1yj52k5VJUIKMwc2 uHSTT2rbmr4zj86Ws4QOraN79T8PSKZhUyX8o= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:sender:to:subject:cc:in-reply-to :mime-version:content-type:references:x-google-sender-auth; b=BJrpgWmtSleoihOHLVVn9fRxTkez2zvvmLld+3CSVfcCv0nYzfr/ZVCYFgdLLwyxcm onJ2FJZONr5tluubS0oWqe3ZTq4XG1NwpdmvqhGEd5ljY6U3Mkj7a1xZDTcmVEXWe+FJ 0tuNVmept0rc0ppbi2D+8DuVuyTvNvEcAA6w4= Received: by 10.100.154.19 with SMTP id b19mr8828455ane.98.1217268160364; Mon, 28 Jul 2008 11:02:40 -0700 (PDT) Received: by 10.100.165.16 with HTTP; Mon, 28 Jul 2008 11:02:40 -0700 (PDT) Message-ID: <35f70db10807281102q5a0b73c3h554338292e3b751a@mail.gmail.com> Date: Mon, 28 Jul 2008 20:02:40 +0200 From: "Ross Cameron" Sender: abalour@gmail.com To: "kalin m" In-Reply-To: <488E0708.2060207@godfur.com> MIME-Version: 1.0 References: <488E0708.2060207@godfur.com> X-Google-Sender-Auth: 79414590f932480e Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: pci compliance X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ross.cameron@linuxpro.co.za List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2008 18:02:41 -0000 On Mon, Jul 28, 2008 at 7:51 PM, kalin m wrote: > hi all... > > i'm about to submit a freebsd system to be scanned for pci compliance... > > is there any particular gotchas with bsd systems that can be detected at > the time of pci compliance scanning? > i know they use something like nmap if not nmap itself and i did myself on > that machine and didn't find anything interesting. > but one of the consultants that was 'advising' the company i work for said > "we use similar (as in nmap) approach but it's (much) more intrusive". > anybody knows what does that mean? > > thanks... The PCI auditing process is a full penetration test. It's very thorough and not at all easy to pass. Get hold of a copy of "The penetration tester's handbook" and make sure u pass all the tests in the book and u should be ok