|
OpenBSD Security Functionally paranoid! |
|
Thread Tools | Display Modes |
|
||||
Blog article "Security: OpenBSD VS FreeBSD"
Hello,
I tried to objectively compare the security of OpenBSD and FreeBSD, and explain their security features. I'm a user of both OS, and my purpose by writing this article was to bring information, not to attack any OS: http://networkfilter.blogspot.com/20...s-freebsd.html I hope you will like it Regards, Guillaume |
|
|||
Without saying too much, I will note just as you did that HardenedBSD is not part of FreeBSD mainline.
|
|
|||
Quote:
It is safe to use and you're only disseminating FUD. |
|
|||
There was talk on the FreeBSD lists about moving to the DragonFly BSD mailer. I don't remember what happened with it (I want to say the discussion took place back in February) but I guess judging by the previous post it wasn't integrated.
|
|
||||
Quote:
About systrace, I am aware it is not strong enough used alone, even the man page at the end mentions it in the BUGS section: Quote:
Regards, Guillaume |
|
||||
Thank you for this
Quote:
On the security related note I was working over the weekend on Kerberos and AFS (Andrew File System). As many of you know Kerberos (actually its international/Swedish implementation Heimdal) has been moved from OpenBSD base to ports due to the lack of men power to properly clean this complicated protocol used by few. Kerberos support was removed from LibreSSL as well. Arla (AFS) has been removed long time ago due in part to political reason (Theo refused to use the name of the company Arla for the file system). With OpenAFS port stuck at 1.4.something (current release is 1.6.10) and compiling only on i386 OpenBSD has no AFS support to speak of. All of above is very appealing to security conscious but not very practical in real life at least at my work place. For the record FreeBSD has great support for both Kerberos and OpenAFS. Last edited by Oko; 15th December 2014 at 08:18 PM. |
|
|||
Just want to mention that your article has gone big. Friends of mine in the security world (who aren't *BSD users at all) have been forwarding me the article. I feel somewhat awkward saying to them I was probably one of the very first to read it in its published form
|
|
||||
Quote:
|
|
|||
Thanks for the great article ! sure it will make many mouths water.
|
|
|||
Great overview of sec features! thank you, nicely done!
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
How to replace "ectags" with "ctags"? | fender0107401 | OpenBSD Packages and Ports | 5 | 16th April 2013 10:01 AM |
Thoughts on Information "Security" | jggimi | OpenBSD Security | 1 | 22nd June 2011 09:02 PM |
Other Interesting "Security" Issue on GRUB 2 | vermaden | News | 2 | 10th November 2009 01:19 PM |
Fixed "xinit" after _7 _8, "how" here in case anyones' "X" breaks... using "nvidia" | jb_daefo | Guides | 0 | 5th October 2009 09:31 PM |
"free" command/perl script for freebsd | unixdude | FreeBSD General | 0 | 17th November 2008 09:23 PM |