cool. thanks. i couldn't find anything on google under that name but i've been looking and reading a lot of documentation online and in print. so i was just asking if there are any things that pertain in particular to the freebsd os that need to be addressed before the scanning.

how full of a penetration can you have if (almost) all incoming ports are blocked?


Ross Cameron wrote:
On Mon, Jul 28, 2008 at 7:51 PM, kalin m <[EMAIL PROTECTED]> wrote:

hi all...

i'm about to submit a freebsd system to be scanned for pci compliance...

are there any particular gotchas with bsd systems that can be detected at
the time of pci compliance scanning?
i know they use something like nmap if not nmap itself and i did it myself on
that machine and didn't find anything interesting.
but one of the consultants that was 'advising' the company i work for said
"we use similar (as in nmap) approach but it's (much) more intrusive".
does anybody know what that means?


The PCI auditing process is a full penetration test.
It's very thorough and not at all easy to pass.

Get hold of a copy of "The penetration tester's handbook" and make sure you
pass all the tests in the book and you should be ok.
