[NCLUG] Network configuration

Quent quent at pobox.com
Thu Oct 26 00:15:10 MDT 2000


Since this is a Linux Users' Group list, I'd hate to promote BSD :-)

They're similar except that OpenBSD has been built with much attention to
security. They like to claim that there haven't been any root exploits
in 3 years. Others dispute that. In any case they've gone through all
the base code looking for security holes.

The current OpenBSD CDROM  "liner notes" says "Blame Canada".  The
previous said "Made in Canada -- land of free cryptography".  It also said
"Canada kicks ass" :-)

Canada is just like Finland, right?

FreeBSD is easier to install and I think the kernel code base is
somewhat different. Both kernels come from the Berkeley Unix kernel.

Being an operating system nut I like to mess around with all of them.
Given enough time and money I would probably run a machine for every
O/S not made by Microsoft :-)

You can build a decent, secure environment with Linux just as well
as you can with OpenBSD. It's just that "out of the box" OpenBSD
boots up in a pretty secure state.

It's probably fair to say that FreeBSD and OpenBSD compare to each other
similar to the way that Linux distributions compare with each other.
Different styles, installation procedure, package sets...

	Quent

On Thu, Oct 26, 2000 at 04:51:02AM +0000, dobbster wrote:
> > I like the packet filter/firewall tool "ipf" on OpenBSD.  The "ipnat"
> > gizmo is pretty nifty too.
> > 
> > Unlike ipchains, ipf can keep state info on ICMP, UDP and TCP.  I think
> > the code ports to other O/S's like Linux and Solaris. You can build a
> > tighter firewall with it, IMHO.
> > 
> > With all the excitement over embedded Linux (the current Linux Journal has
> > a nice supplement) I'm expecting to see some cool firewall projects. It
> > would be nice to build a little firewall box the size of a cheapo 4 port
> > hub with no moving parts. I guess I should enter their contest :-)
> > 
> > The Cisco 675 DSL box has packet filtering ability. For non-routed,
> > bridged-mode guys like me it's not useful; I'm not sure I trust it either.
> > Anyone have any experience with it?
> > 
> > Whoops, didn't mean to drive this thread down another path :-)
> > 
> >         Quent
> > 
> 
> My 675 is in PPP mode, so I'll try this.
> 
> Obviously I have a lot reading to do.  ipf/ipnat/ipchains - All quite
> alien to me.
> 
> Is OpenBSD the same as FreeBSD?  Should I really use it?
> 
> Thanks again...  I am very grateful for all of the assistance, and I
> apologize for sending so many messages out here.
> 
> Mark (dobbster at frii.com)
> _______________________________________________
> NCLUG mailing list
> NCLUG at nclug.org
> http://www.nclug.org/mailman/listinfo/nclug
> 
> 



More information about the NCLUG mailing list