Jacob Meuser wrote:
>
> On Mon, Mar 12, 2001 at 09:08:19AM -0800, Franklin Hays wrote:
> >
> > I would be interested in hearing opinions on this as well. Playing with
> > the idea of using OpenBSD for my firewall and slackware linux for my
> > servers.
> >
> OpenBSD is a great choice for a firewall. You can choose to install a really
> small system (you can leave out the manpages, which an attacker could use to
> learn your system), and a normal install won't activate any user space daemons,
> so hardening an OpenBSD system is pretty much a non-issue. I also find packet
> filter rules in OpenBSD much easier to understand than ipchains, or whatever
> the new way is. Networking in OpenBSD is more advanced than Linux. (bridging
> and IPv6 are standard, not "experimental")
<----- snip ----->
Yes, that (i.e., security) seems to be Van Rhadt's (if I have his name correct)
main technical grip with the FreeBSD and NetBSD releases. OpenBSD is "secure" out
of the box. I'm hoping to find the BSDs a little easier to configure as well.
Thanks for pointing out OpenBSD's salability. I hadn't thought of that. Don't laugh,
but can you get it (qua firewall) down to a diskette (or two) in size a la the Linux
Router Project (LRP) and its permutations?
Dennis Eberl
