[ale] ALE NW presentation for this month

Greg runman at speedfactory.net
Wed Aug 18 01:04:48 EDT 2004 

Yes, I would be happy to help with an install of OpenBSD.  The only part I
have never done is connecting it to a modem (I am strictly Ethernet in the
house w/ the only modems being Winmodems - 1 in a pc for an emergency and 7
in a box in a closet).

The instructions actually come with the CD's (along with an OpenBSD oriented
soundtrack) for those that support the project.  I use it for my public
servers and a transparent bridging firewall.

The big thing this year was the addition of CARP (from
http://www.openbsd.org/35.html )
# New tools for filtering gateway failover:

    * CARP (the Common Address Redundancy Protocol) carp(4) allows multiple
machines to share responsibility for a given IP address or addresses. If the
owner of the address fails, another member of the group will take over for
it.

    * Additions to the pfsync(4) interface allow it to synchronise state
table entries between two or more firewalls which are operating in parallel,
allowing stateful connections to cross any of the firewalls regardless of
where the state was initially created.

The only thing I have a problem with is the upgrading of installed
ports/packages.  It has about as many ports/packages as FreeBSD so you can
make it a desktop or whatever you want.  However, the default install has
only SSH turned on.  The team has done a code audit of the OS and the
following programs:


What is included with OpenBSD?
OpenBSD is distributed with a number of third-party software products,
including:

    * XFree86 4.4.0, unencumbered by a new license change; the X Window
environment, with local patches. For i386, v3.3 X servers are also included
for additional graphic chipset support. Installed with the x*.tgz install
file sets.
    * GCC versions 2.95.3 and 3.3.2. GNU C Compiler. The OpenBSD team has
added the Propolice stack protection technology, enabled by default, and
used throughout the OpenBSD userland and by default on applications compiled
on OpenBSD. Installed as part of the comp35.tgz file set.
    * Perl 5.8.2, with patches and improvements from the OpenBSD team.
    * Apache 1.3.29 web server. The OpenBSD team has added default
chrooting, privilege revocation, and other security-related improvements.
Also includes mod_ssl 2.8.16 and DSO support.
    * OpenSSL 0.9.7c, with patches and improvements from the OpenBSD team.
    * Groff 1.15 text processor.
    * Sendmail 8.12.11 mail server.
    * BIND 9.2.3 DNS server. OpenBSD has implemented many improvements in
chroot operation and other security-related issues.
    * Lynx 2.8.4rel.1 text web browser. With HTTPS support added, plus
patches from the OpenBSD team.
    * Sudo v1.6.7p5, allowing users to run individual commands as root.
    * Ncurses 5.2.
    * KAME IPv6.
    * Heimdal 0.6rc1 with patches
    * Arla-current
    * OpenSSH 3.8.1

As can be seen, the OpenBSD team often patches third-party products
(typically) to improve the security or quality of the code. In some cases,
the user will see no difference in operation, in other cases, there ARE
operational differences which may impact some users. Keep these enhancements
in mind before blindly adding different versions of the same software.

Of course, additional applications can be added through the OpenBSD packages
and ports system.

Greg



> -----Original Message-----
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org]On Behalf Of
> Matthew Magee
> Sent: Tuesday, August 17, 2004 9:24 PM
> To: Atlanta Linux Enthusiasts
> Subject: Re: [ale] ALE NW presentation for this month
>
>
> Ahhhh!  A volunteer!  :)
>
> I've done it, but involved much head scratching and questionable results.
>
> Greg wrote:
>
> >It is really the easiest thing in the world.  I have 4 of them
> running and
> >it works great.
> >
> >Greg
> >
> >
> >
> >>-----Original Message-----
> >>From: ale-bounces at ale.org [mailto:ale-bounces at ale.org]On Behalf Of
> >>alelist
> >>Sent: Tuesday, August 17, 2004 7:36 PM
> >>To: Atlanta Linux Enthusiasts
> >>Subject: Re: [ale] ALE NW presentation for this month
> >>
> >>
> >>Yeah, I'd like to see Open BSD installed by command-line only.
> >>
> >>On Tue, 2004-08-17 at 19:00, Matt Magee wrote:
> >>
> >>
> >>>On Tuesday 17 August 2004 06:08 am, Geoffrey wrote:
> >>>
> >>>
> >>>>I do not have a presenter for this month.  If anyone has
> >>>>
> >>>>
> >>anything they'd
> >>
> >>
> >>>>like to present on, please let me know asap.
> >>>>
> >>>>
> >>>I don't have anything to present, but I do have an old box
> >>>
> >>>
> >>(K6-2 500) and an
> >>
> >>
> >>>OpenBSD CD.  If anyone knows BSD fairly well, we can set it up
> >>>
> >>>
> >>to see if the
> >>
> >>
> >>>OpenBSD folks have any good ideas in there.  Maybe see how the
> >>>
> >>>
> >>other Open
> >>
> >>
> >>>Source folks are doing.
> >>>
> >>>_______________________________________________
> >>>Ale mailing list
> >>>Ale at ale.org
> >>>http://www.ale.org/mailman/listinfo/ale
> >>>
> >>>
> >>--
> >>Certified Microsoft-free e-mail.
> >>
> >>_______________________________________________
> >>Ale mailing list
> >>Ale at ale.org
> >>http://www.ale.org/mailman/listinfo/ale
> >>
> >>
> >>
> >>
> >
> >_______________________________________________
> >Ale mailing list
> >Ale at ale.org
> >http://www.ale.org/mailman/listinfo/ale
> >
> >
> >
> >
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>
>
>

More information about the Ale mailing list