[rescue] RFA: firewall
Steve Sandau
ssandau at gwi.net
Thu Jan 6 21:24:07 CST 2005
Shawn Wallbridge wrote:
> My new firewall took exactly 47min to get up and running (34min for the
> OBSD install, 13 for configuration) ;-)
>
> shawn
>
Another vote for OBSD. I was a Solaris/HP-UX/Linux guy, but OBSD is
incredibly secure with very little work. With enhancements including
random pids, some random numbers (somehow that I don't understand) in
TCP sequences, random loading of libraries in memory and a bunch more
stuff I don't really understand, I think it is the most secure.
IPSEC is built into the kernel, and in some cases doesn't even require a
daemon for a VPN. (The IPSEC VPN connection from here to work in
absolutely reliable. One link is on two x86 boxes, the other on SPARC
hardware.) The default install now includes neat stuff like NTP too.
On top of that, the ports collection has allowed me to install apache,
pop3, pptp and more with very little effort.
Steve
More information about the rescue
mailing list