21st June 2011
You asked a number of questions, CyberJet.
I'm very interested in setting up a bullet proof OpenBSD firewall. Is this possible?
Yes and no. Just because the OS is "Secure by Default" does not mean that any particular implementation of it in production is - or is not - susceptible to intrusion. Provisioning decisions, application deployments, infrastructure design, security policy decisions and adherence ... all play a role. For example, application-layer security issues (such as SQL injection attacks) are not addressed by an OpenBSD firewall, if the attacker's packets are passed by PF.
I have been hearing of all these hacks in the past week, just can't believe it's that easy.
Security problems in IT occur all the time. You're just "hearing" about these because they are publicized.
Can these things be prevented with OpenBSD? It's supposed to be the most secure OS.
I think I answered that above, with a definite "maybe".
Why aren't more people using it?
Fixed that for you.
1) It isn't a panacea; it solves some problems, but is not all things to all people, for all applications.
2) It isn't advocated as the cure-all for the masses. It's barely advocated at all. Awareness is low.
3) It is free, and many commercial operations find themselves unable to use free software without managing support risks themselves.
