On 2012-09-20, Mathieu Simon mathieu@gmail.com wrote:
G'day
This is my first post to this list - so bear with me...
OpenBSD has not yet replaced BIND with NSD + Unbound, but NSD 3.2.9 is
enabled in 5.1 builds. This version has at least 2 known CVE's that
have been fixed with upstream
Am 21.09.2012 14:51, schrieb Stuart Henderson:
CVE-2012-2979 isn't relevant as it's a non-standard
build option that we don't use.
Good to know, thanks.
I have not found a patch for in 5.1 erratas so far.
I've just committed a fix for CVE-2012-2978 to 5.1-stable,
but I don't have time to
G'day
This is my first post to this list - so bear with me...
OpenBSD has not yet replaced BIND with NSD + Unbound, but NSD 3.2.9 is
enabled in 5.1 builds. This version has at least 2 known CVE's that
have been fixed with upstream releases:
3.2.12:
Fix for VU#624931 CVE-2012-2978: NSD denial of
Jean-Francois wrote:
Hi All,
My question is in two parts.
First considering the default install, assuming that one box should be
only used for exapample as a firewall, how good is the security level ?
what kind of rating system are you looking for?
My answer is, better than anything
You have to think carefully about the question you are asking. If
there are two known remote exploits, what do you think any studies
would show you? Less exploits? More exploits? If more, wouldn't
that make it into the known exploits list, unless it's a private
study where nobody can get
Hi,
First considering the default install, assuming that one box should be
only used for exapample as a firewall, how good is the security level ?
I mean I know there are only 2 remote holes in 10 years, but my qustion
is do we have any experience about the level of security such as studies
To quote someone a lot smarter than me:
Program testing can be used to show the presence of bugs, but
never to show their absence! -- Edsger Dijkstra, [1972]
That should answer your question.
# Han
Hi
This is clear and I truly agree, now maybe not everyone will be capable
of breaking into the default system openbsd (this was my first question)
and evade from chroot (my second question) therefore the other way
around to ask about that concern would be which probability do you
estimate for
Hi
Thanks for your answer.
bofh a icrit :
You have to think carefully about the question you are asking. If
there are two known remote exploits, what do you think any studies
would show you? Less exploits? More exploits?
I mean what is the experience.
If more, wouldn't
that make it into
On Sun, Apr 26, 2009 at 10:43 PM, Jean-Francois jfsimon1...@gmail.com wrote:
I intend to use the box as a simple firewall so I do not intend to have
possible break into. The simple task is NAT rule
So this is nat + firewalling, not one task, two.
Sorry I don't understand. I have just simple
Good evening,
Thanks for your answer, my comments within.
Regards,
Jean-Frangois
Nick Holland a icrit :
Jean-Francois wrote:
Hi All,
My question is in two parts.
First considering the default install, assuming that one box should be
only used for exapample as a firewall, how good is the
On Sun, Apr 26, 2009 at 11:08 PM, Jean-Francois jfsimon1...@gmail.com wrote:
This is just to have the taste of how good is the actual achievement of
security in openbsd.
Well, reading from the archives, that should give you a fairly good taste.
Sorry please tell me how to proceed then ? For
You need to understand that you're asking questions for which there is
no specific answer.
I think Nick's first response to your question answered it best -
OpenBSD would be better than anything else.
If you were to ask specific, detailed questions about specific attack
vectors, then specific
FRLinux wrote:
On Sun, Apr 26, 2009 at 11:08 PM, Jean-Francois
jfsimon1...@gmail.com wrote:
This is just to have the taste of how good is the actual
achievement of
security in openbsd.
Well, reading from the archives, that should give you a
fairly good taste.
Sorry please tell me
14 matches
Mail list logo