On 7/19/17 1:39 PM, Jordan Caraballo wrote:
>
> Hi Shawn,
>
> Thanks for your reply! I will start digging into them to see if I can
> start developing some patches.
>
> I apologize if these are naive questions:
>
> - CIS has some pdf benchmark files for FreeBSD. Is this a good start
> for recreating the rules to assess the system?
>

Most likely. CIS generally has great starting points.

Minor note: There have been issues in the past with creating a "CIS" profile. We've needed to add language such as "this profile is _/inspired/_ from CIS." Claiming anything meets CIS benchmarks, without paying licensing to CIS, is a violation of their EULA and copyright. Reference the language in the RHEL C2S profile for example text.

> - On the other hand, there are vulnerabilities files available for
> FreeBSD https://svn.freebsd.org/ports/head/security/vuxml/vuln.xml and
> Solaris http://linux.oracle.com/security/oval/com.oracle.elsa-all.xml.bz2.
> What we would need is openscap and openscap-utils working on both OS's?
>

Defer to the core OpenSCAP tool team. I've no idea.

_______________________________________________
Open-scap-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/open-scap-list
