Kurt Seifried, [email protected]
Well it's been a few months, and a new release of OpenBSD is out (since December 1st 1999 actually) and I thought it was high time I covered some of the new features and improvements. For those of you unfamiliar with OpenBSD it is a flavor of UNIX based on BSD, with one main goal in mind. Security. The entire purpose of OpenBSD is to provide a fast, stable, and above all, secure computing platform.
OpenBSD - a secure alternative
So you want to build a firewall, but aren't quite sure what to use? You might want to consider OpenBSD, an secure offshoot of the BSD family. From the beginning OpenBSD's entire purpose has been to be a secure operating system. In order to achieve this, the OpenBSD founder (Theo de Raadt) started a code audit project, pretty much every single line of code in OpenBSD has been checked, and many problems were found, and fixed. In addition to this OpenBSD is based out of Canada, which allows for the inclusion of strong cryptography software with the OS. One prime example is the planned addition of OpenSSH, based off of SSH 1.2.12, in the next release of OpenBSD (2.7, this winter or so). OpenBSD also has a slightly better network stack then Linux (at least 2.2.x Linux), applications such as Network Flight Recorder, which take large volumes of data off of the network simply do not work well under most operating systems. Many of the commercial IDS systems use OpenBSD as their OS of choice.
Securing Your Network With OpenBSD
This isn't a totally conventional article. I'm not going to be recommending you replace every UNIX server you've got with OpenBSD. Although the OpenBSD team did release 2.7 just last week, making it very hard not to cover its new features, this article will be a bit of both.
Last updated 9/10/2001
Copyright Kurt Seifried 2001