Thread: OpenBSD changes
View Single Post
  #1   (View Single Post)  
Old 9th September 2012
gpatrick gpatrick is offline
Spam Deminer
 
Join Date: Nov 2009
Posts: 245
Default OpenBSD changes

Recently it was announced that OpenBSD 5.2 will be released in November (6 months as usual which is good), however, I wish they would remove the "only 2 remote holes in a heck of a long time" from their website. Very few people are going to run a server, unless it is a firewall, etc., as a base install. If running a web server, app server, etc., it requires additional software.

Beside that, what new piece of technology has been added to OpenBSD lately that keeps it relevant in an ever-changing IT landscape? OpenSMTPD was included in 4.6, and pf is old even though it had a rewrite in 4.7 or 4.8.

Looking at FreeBSD they have Jails, Jailsv2, DTrace, zfs, HAST, OFED, Capsicum and much more, functionality that OpenBSD just dismisses as "it creates a security hole." Given the amount of functionality in FreeBSD, the number of exploits tabulated by US-CERT is insignificant compared to OpenBSD.

Some commonly known appliances using FreeBSD:
Code:
    - pfSense, m0n0wall, and FreeNAS open source projects
    - Juniper JunOS
    - Nokia CheckPoint IPSO
    - NetApp ONTAP
    - Citrix NetScaler
    - Ironport AsyncOS
    - KACE Kbox
    - NETASQ
    - Isilon
    - Sandvine SVOS
    - PlayStation®3
    - Netflix Open Connect
    - TaxiMagic
    - EdgeWave iPrism
    - Panasonic VIERA G20 , G25 and VT plasma TVs
    - Blue Coat ProxySG
    - Coyote Point Equalizer GX
    - iXsystems TrueNAS
Can anyone give a list of appliances used by OpenBSD?

For the record, my firewall, web server and mail server run OpenBSD but am considering a move to FreeBSD because of their active technological development that seems trivial in OpenBSD.

OpenBSD has a long list of changes between 5.0 and 5.1 but a lot are bug fixes and minor changes. What I would like is something along the lines of BHyVe, Virtio, LLVM, etc.