elmore
August 15th, 2004, 01:48
The Center for Internet Security has just released the FreeBSD benchmark and scoring tool. Specifically targeted towards FreeBSD 4.8 and later.

From the website:



The Benchmark is a compilation of security configuration actions and settings that "harden" FreeBSD operating systems. It is a CIS Level-I Benchmark the prudent level of minimum due care for operating system security. Level-I Benchmark settings/actions:

1. can be understood and performed by system administrators with any level of security knowledge and experience.

2. are unlikely to cause an interruption of service to the operating system or the applications that run on it.

3. can be automatically monitored either by CIS Scoring Tools or by CIS-certified tools available from software vendors. CLICK HERE for a roster of commercially available
CIS-certified software tools.

The CIS Scoring Tool for FreeBSD provides a quick and easy way to evaluate systems and compare their level of security against the CIS minimum due care security Benchmark. Tool reports guide system administrators to harden both new installations and active production systems. The tool is also effective for monitoring systems to assure that security settings continuously conform with the Benchmark.


http://www.cisecurity.org/bench_freebsd.html

Looks nifty, I'll check it out this week on my FreeBSD postfix gateways and report on it.