DaemonForums  

Go Back   DaemonForums > NetBSD > NetBSD Security

NetBSD Security Securing NetBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 18th May 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default Securing your NetBSD system

[ I vaguely recall a similar thread on the old forum... ]

NetBSD obviously offers a lot of the fundamental security advantages that many *nix systems provide. At the base system level we have the benefit of an advanced, well tested OS.

The manpages for security(8) are illuminating, but I wonder if there aren't further tips (sysctl MIBs? other configuration/hardening ideas?) specific to NetBSD that could help secure a system.

Is anyone using Veriexec, or any of the other NetBSD exploit mitigation tools? How about other NetBSD OS-level security tools or resources you would like to share?

Feedback appreciated.
__________________
Kill your t.v.

Last edited by anomie; 18th May 2008 at 02:24 AM.
Reply With Quote
  #2   (View Single Post)  
Old 23rd May 2008
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Thanked 8 Times in 8 Posts
Default

Hello,

Here's a question to ask about NetBSD security:

Which is a better firewall - in performance, popularity, future, etc. - ipfilter or pf?
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #3   (View Single Post)  
Old 23rd May 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 446
Thanked 69 Times in 46 Posts
Default

Performance: I have no idea, and don't have the time/energy to test the multitude of scenarios.

Popularity: based on published books, and frequency of discussions, my guess would be that pf easily wins.

Future: ?
__________________
Kill your t.v.
Reply With Quote
  #4   (View Single Post)  
Old 25th May 2008
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Thanked 8 Times in 8 Posts
Default

Hello,

Quote:
Originally Posted by anomie View Post
Performance: I have no idea, and don't have the time/energy to test the multitude of scenarios.
Maybe I should have been more descriptive. I guess one can measure performance in terms of speed, memory usage, etc. - indeed, that is probably the most popular meaning of the word in computers. But, I meant performance in terms of effectiveness (I should have just said effectiveness). And this question is the most important.

How effective is each in doing its job - i.e., keeping the bad guys out?
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
  #5   (View Single Post)  
Old 27th May 2008
tonyex's Avatar
tonyex tonyex is offline
Real Name: Anton
Port Guard
 
Join Date: May 2008
Location: Sweden
Posts: 14
Thanked 0 Times in 0 Posts
Default

I use to write some scripts to denied the sshd script kiddies the access to my boxes
It was in the old forum.
I use an script and ipf rules to do that.
Reg /T
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Securing wifi networks with ipsec/ssh and openbsd Oko OpenBSD Security 4 16th April 2009 07:32 AM
Securing ftp access AlexDudko FreeBSD Security 6 12th January 2009 09:21 PM
File system at more than 100% michaelrmgreen FreeBSD General 4 28th July 2008 01:52 PM
How to backup my system PatrickBaer FreeBSD General 4 16th July 2008 08:12 PM
Which file system use to share data on Bsd system? aleunix Other BSD and UNIX/UNIX-like 2 1st June 2008 04:14 PM


All times are GMT. The time now is 07:08 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick