Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 23 May 1999 09:45:55 +0200
From:      Andreas Klemm <andreas@klemm.gtn.com>
To:        hackers@FreeBSD.ORG
Subject:   security: what does OpenBSD have, that FreeBSD doesn't have...
Message-ID:  <19990523094555.A33370@titan.klemm.gtn.com>
next in thread | raw e-mail | index | archive | help 

Hi !

Am currently discussing FreeBSD vs. OpenBSD in private e-mail.

What make OpenBSD so "secure" ? Or can this kind of security be
reproduced with FreeBSD ports ? I think of tools like:

        bjorb   - secure TCP relay software, 
                  http://www.hitachi-ms.co.jp/bjorb/ 
        bro     - Bro is a system for detecting Network Intruders in
                  real-time by the guys that brought you tcpdump, libpcap,
                  and flex
        cfs     - This is CFS, Matt Blaze's Cryptographic File System.
                  It provides transparent encryption and decryption of 
                  selected directory trees. It is implemented as a 
                  user-level NFS server and thus does not require any 
                  kernel modifications. Under FreeBSD, the mount command 
                  for the CFS tree must include "-o port=3049,nfsv2".
        fwtk    - The TIS Firewall Toolkit is a set of programs and 
                  configuration practices designed to facilitate the 
                  building of network firewalls.
        skip    - IP-Level Cryptography, Secure every application with 
                  one protocol. http://skip.incog.com
        stunnel - The stunnel program is designed to work as SSL 
                  encryption wrapper between remote client and
                  local (inetd-startable) or remote server. 
                  stunnel can be used to add SSL functionality 
                  to  commonly used  inetd  daemons like  POP-2,  
                  POP-3  and  IMAP servers without any changes in
                  the programs' code.
        tcp_wrapper - With this package you can monitor and filter
                  incoming requests for the SYSTAT, FINGER, FTP,
                  TELNET, RLOGIN, RSH, EXEC, TFTP, TALK, and other
                  network services.
        vscan   - McAfee's evaluation VirusScan for FreeBSD, provides
                  immediate scanning of MS-DOS files hosted on FreeBSD
                  Unix systems.

Could somebody please explain ?


-- 
Andreas Klemm                               http://www.FreeBSD.ORG/~andreas
                                  http://www.freebsd.org/~fsmp/SMP/SMP.html
                                powered by Symmetric MultiProcessor FreeBSD


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990523094555.A33370>