I concur. ASB http://www.ultratech-llc.com/KB
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Roger Seielstad Sent: Monday, December 09, 2002 6:54 AM To: NT 2000 Discussions Subject: RE: Kinda OT -- Firewall servers and the like (home use) > Microsoft, and most Linux vendors, could stand to learn a > thing or two from OpenBSD. Agreed, on all counts. I've got a firm belief that OpenBSD will be one of the most influential OS's over the next five years based entirely on that statement. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 06, 2002 7:27 PM > To: NT 2000 Discussions > Subject: RE: Kinda OT -- Firewall servers and the like (home use) > > > On Fri, 6 Dec 2002, at 7:30am, [EMAIL PROTECTED] wrote: > > obsd is more secure, but "in practice" fbsd is just as > good, esp for the > > situation discussed. > > OpenBSD's security isn't due so much to superior software > (a lot of it is > the same code the other BSDs, and even many Linux flavors, > use), but their > better approach to configuring it. They apply the principle > of "deny by > default" to everything. They don't enable services to run by > default. > Services are configured "locked down" by default. They make > extensive use > of things like unprivileged processes, separate user accounts > for different > services, and chroot jails. So, a freshly installed OpenBSD > box, rather > than being open to the entire universe, is completely locked > down. The > admin just has to open the things he or she wants, rather > then plugging all > the holes the vendor installed for him. > > Microsoft, and most Linux vendors, could stand to learn a > thing or two > from OpenBSD. > > -- > Ben Scott <[EMAIL PROTECTED]> ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
