Awesome! Thanks, this is a great starting point.

- Jordan

2017-07-19 14:03 GMT-04:00 Shawn Wells <[email protected]>:

> On 7/19/17 1:39 PM, Jordan Caraballo wrote:
>
> Hi Shawn,
>
> Thanks for your reply! I will start digging into them to see if I can
> start developing some patches.
>
> I apologize if these are naive questions:
>
> - CIS has some pdf benchmark files for FreeBSD. Is this a good start for
> recreating the rules to assess the system?
>
>
> Most likely. CIS generally has great starting points.
>
> Minor note: There have been issues in the past with creating a "CIS"
> profile. We've needed to add language such as "this profile is *inspired*
> from CIS." Claiming anything meets CIS benchmarks, without paying licensing
> to CIS, is a violation of their EULA and copyright. Reference the language
> in the RHEL C2S profile for example text.
>
>
> - On the other hand, there are vulnerabilities files available for FreeBSD
> https://svn.freebsd.org/ports/head/security/vuxml/vuln.xml and Solaris
> http://linux.oracle.com/security/oval/com.oracle.elsa-all.xml.bz2. What
> we would need is openscap and openscap-utils working on both OS's?
>
>
> Defer to the core OpenSCAP tool team. I've no idea.
>
> _______________________________________________
> Open-scap-list mailing list
> [email protected]
> https://www.redhat.com/mailman/listinfo/open-scap-list
>

--
Jordan
