[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-security
Subject:    FreeBSD Server configuration and security compliance benchmark
From:       Mikhail Krylatyh <mikhail.krylatyh () rcntec ! com>
Date:       2017-07-31 14:08:50
Message-ID: 23AAE336-5235-47BA-A931-26B51D287970 () rcntec ! com
[Download RAW message or body]

Hi everyone.
I'm participating in development of some security-centric product, one part of which \
performs compliance checks upon target server's OS. The main purpose of this checks \
is to find possible misconfigurations which are widely considered as insecure or \
deprecated (e.g password login by root or use of week ciphers in sshd). As a basis of \
our compliances we use recommendations of cisecurity.org <http://cisecurity.org/> \
(https://www.cisecurity.org/cis-benchmarks/ \
<https://www.cisecurity.org/cis-benchmarks/>). Unfortunately, they don't have any \
valid benchmarks for currently supported versions of FreeBSD. So is there anything \
similar (the one and only available benchmark is for 4.10 - \
https://drive.google.com/file/d/0B-dY8d2tWnU-b2pkczNJcURfaHM/view \
<https://drive.google.com/file/d/0B-dY8d2tWnU-b2pkczNJcURfaHM/view>) in a FreeBSD \
community? I'm no familiar with *BSD so any feedback or links are appreciated. \
_______________________________________________ freebsd-security@freebsd.org mailing \
list https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


[prev in list] [next in list] [prev in thread] [next in thread]