Hi.

I'm considering switching from Linux to OpenBSD because of the
security of course. Now I wanted to be sure that I will finally be
able to protect my box with "smart" encryption etc. ("smart" because
anybody can write an encryption program, but few think about data that
remains in RAM (even after the computer is shut down)). So I read various
underground ezines and page after page I got the feeling that people
really struggle to break into OBSD boxes. But something really
confused me:

11:46PM  up 2 days,  6:25, 22 users, load averages: 0.47, 0.27, 0.20
USER    TTY FROM              LOGIN@  IDLE WHAT
deraadt  C0 -                Wed05PM  5:57 emacs -nw -u deraadt -f zenicb
mickey   p0 versalo.lucifier Wed07PM    15 icb -n mickey -g hackers -s cvs
millert  p1 millert-gw.cs.co  3:37PM  2:48 tail -fn-100 /cvs/CVSROOT/ChangeLog
deraadt  p2 v.openbsd.org    Thu11PM  1:06 -csh
form     p3 vell.nsc.ru      Thu11PM 21:29 less /cvs/CVSROOT/ChangeLog
pvalchev p4 dsl-dt-207-34-11 Thu05PM    15 tail -fn-50 /home/hack/pvalchev/chan
deraadt  p5 zeus.theos.com   Wed05PM     0 systat vm 1
deraadt  p6 zeus.theos.com   Wed05PM 2days tail -f /cvs/CVSROOT/ChangeLog
deraadt  p7 zeus.theos.com   Wed05PM     3 -csh
deraadt  p8 zeus.theos.com   Wed05PM     3 gv scanssh.ps
deraadt  p9 zeus.theos.com   Wed05PM  1:26 emacs -nw -u deraadt -f mh-rmail
deraadt  pa zeus.theos.com   Wed05PM    16 less machdep.c
deraadt  pb zeus.theos.com   Wed05PM    16 -csh
deraadt  pc zeus.theos.com   Wed05PM  5:57 -csh
angelos  pd coredump.cs.colu Thu02PM  2:48 icb -g hackers -h localhost -n angel
deraadt  pe zeus.theos.com   Wed05PM  2:29 -csh
provos   pf ssh-mapper.citi. Wed05PM 27:21 tail -f I_AM_A_LUSER_AND_A_MORON
brad     q0 speedy.comstyle. Wed06PM 28:27 tail -f /cvs/CVSROOT/ChangeLog
aaron    q1 nic-131-c68-101.  8:43AM    15 icb -scvs -ghackers
lebel    q2 modemcable093.15 Thu09PM  2:48 -bash
wvdputte q3 reptile.rug.ac.b  5:45AM 12:56 tail -f 2001-09
jason    q4 24-168-200-128.w Thu08AM  1day -ksh
deraadt  q5 hackphreak.org    4:20AM     0 w

Taken from http://web.textfiles.com/ezines/EL8/el8.3.txt.

Now with this post I don't want to start any wars. I know that nothing
is bullet proof and so on but as a wannabe OBSD user I'm "just"
interested in if this compromise was analysed and especially how the
code has changed from then, what did you do to make sure that this
does not repeat. And if it was a third party app, why wasn't it
configured within a jail? Ok, I learned that sysjail was announced on
May 22 2006, but surely you have chroot capability. And sysjail is
connected with systrace... Well again, don't want to start any flame,
just interested how your community responded and responds to issues
like that.

With best regards,
Jernej
