version 1.214, 2001/10/24 15:28:08 |
version 1.215, 2001/10/24 19:23:21 |
|
|
<dl> |
<dl> |
|
|
<h2>October, 2001</h2> |
<h2>October, 2001</h2> |
|
|
<li><font color=#009000><strong> |
<li><font color=#009000><strong> |
<a href="http://dailynews.yahoo.com/h/zd/20011002/tc/how_code_red_revealed_the_perils_of_port_80_1.html"> |
<a href="http://dailynews.yahoo.com/h/zd/20011002/tc/how_code_red_revealed_the_perils_of_port_80_1.html"> |
How Code Red revealed the perils of port 80</a>, ZDNet, October 2, 2001 |
How Code Red revealed the perils of port 80</a>, ZDNet, October 2, 2001 |
</strong></font><br> |
</strong></font><br> |
In an article about the effects and consequences of the Code Red worm which attacked |
|
Webservers running the IIS from Microsoft, the merits of reliability instead of new features |
In an article about the effects and consequences of the Code |
|
Red worm which attacked Webservers running the IIS from |
|
Microsoft, the merits of reliability instead of new features |
are discussed. As a positive example they use OpenBSD. |
are discussed. As a positive example they use OpenBSD. |
</li> |
<p> |
|
|
|
<h2>August, 2001</h2> |
|
|
|
<li><font color=#009000><strong> |
|
<a href="http://www.unixreview.com/documents/s=1232/urm0108m/"> |
|
Thinking about Security</a>, Unix Review, August 2001 |
|
</strong></font><br> |
|
|
|
Following the Code Red worm hit of ISS, Joe "Zonker" |
|
Brockmeier takes a tour through systems administration |
|
security and says that even secured operating systems running |
|
Apache like OpenBSD and others have security issues from time |
|
to time.<br> |
|
Oh well, we'll have to live with not having a total secure |
|
system and just the most secure system. |
|
<p> |
|
|
|
<li><font color=#009000><strong> |
|
<a href="http://www.samag.com/documents/s=1147/sam0108m/"> |
|
Homebrew Intrusion Detection Systems</a>, SysAdmin, August 2001 |
|
</strong></font><br> |
|
|
|
Chris Kuethe goes one step ahead of installing network |
|
intrusion detection systems and writes on how to make the |
|
right environment for these tools and how to put them to work |
|
instead, for which he takes OpenBSD as the platform of his |
|
choice:<br> |
|
<em>"To the best of my knowledge (reproducible evidence |
|
to the contrary is welcome) OpenBSD has the fastest IP stack |
|
available (although all BSD-derived operating systems have |
|
good network code) and an enviable security record. The |
|
network monitor is unique in that it is often outside of any |
|
network security devices and as such must be well |
|
armored."</em><br> |
|
For the references, he points out that <em>"OpenBSD has |
|
thorough documentation; almost everything you'll ever need to |
|
know about making your analysis station be well behaved and |
|
stable can be found in the man pages or the FAQ."</em> |
|
<br> |
|
Bravo! |
|
<p> |
|
|
<h2>July, 2001</h2> |
<h2>July, 2001</h2> |
|
|
<li><font color=#009000><strong> |
<li><font color=#009000><strong> |
An article on <a href="http://www.sun.com/blueprints/0701/openSSH.html"> |
An article on <a href="http://www.sun.com/blueprints/0701/openSSH.html"> |
Sun's Solaris Blueprints Online series</a> |
Sun's Solaris Blueprints Online series</a> |
</strong></font> |
</strong></font> |
|
|
talks about OpenSSH as a good replacement for telnet, rlogin, and friends. |
talks about OpenSSH as a good replacement for telnet, rlogin, and friends. |
The article goes on to say: |
The article goes on to say: |
<br>"OpenSSH is managed by the OpenBSD team. OpenBSD is an open |
<br>"OpenSSH is managed by the OpenBSD team. OpenBSD is an open |
|
|
free. A major goal of the OpenBSD project is to create a secure |
free. A major goal of the OpenBSD project is to create a secure |
operating system by auditing source code, fixing security problems |
operating system by auditing source code, fixing security problems |
quickly, and integrating security tools and cryptographic software..." |
quickly, and integrating security tools and cryptographic software..." |
</li> |
<p> |
|
|
<h2>June, 2001</h2> |
<h2>June, 2001</h2> |
|
|
|
|
<a href="http://www.internetweek.com/reviews01/rev061801.htm"> |
<a href="http://www.internetweek.com/reviews01/rev061801.htm"> |
The OS X Files: Apple's updated operating system looks to the Internet</a>, InternetWeek, June 18, 2001 |
The OS X Files: Apple's updated operating system looks to the Internet</a>, InternetWeek, June 18, 2001 |
</strong></font><br> |
</strong></font><br> |
|
|
On a review of the Mac OS X, Larry Loeb adresses the question |
On a review of the Mac OS X, Larry Loeb adresses the question |
on how the change from Mac OS to Mac OS X will affect security |
on how the change from Mac OS to Mac OS X will affect security |
by saying:<br> <em>"[...] the Unix layer is based on OpenBSD, |
by saying:<br> <em>"[...] the Unix layer is based on OpenBSD, |
|
|
Strife and success in the land of open source</a>, |
Strife and success in the land of open source</a>, |
ZDNet News, June 11, 2001 |
ZDNet News, June 11, 2001 |
</strong></font><br> |
</strong></font><br> |
|
|
Stephan Somogyi reviews the latest issue with the IPF licence and |
Stephan Somogyi reviews the latest issue with the IPF licence and |
examines why the OpenBSD team made the decision of removing it from |
examines why the OpenBSD team made the decision of removing it from |
its source tree altogether. But <em>"code talks, and OpenBSD has |
its source tree altogether. But <em>"code talks, and OpenBSD has |
|
|
Interview with Wietse Venema about his tcp_wrappers license</a>, |
Interview with Wietse Venema about his tcp_wrappers license</a>, |
BSD Today, June 1, 2001 |
BSD Today, June 1, 2001 |
</strong></font><br> |
</strong></font><br> |
|
|
Doing more research about licenses in the BSD tree, Jeremy C. Reed found that the license of |
Doing more research about licenses in the BSD tree, Jeremy C. Reed found that the license of |
the tcp_wrappers wasn't compliant with the BSD goals. The following interview with Wietse Venema |
the tcp_wrappers wasn't compliant with the BSD goals. The following interview with Wietse Venema |
caught the eye of Theo de Raadt, who had a lengthy and fun discussion about the license with Wietse. |
caught the eye of Theo de Raadt, who had a lengthy and fun discussion about the license with Wietse. |
|
|
Why Linux Will Never Be as Secure as OpenBSD, |
Why Linux Will Never Be as Secure as OpenBSD, |
SecurityPortal, May 16, 2001 |
SecurityPortal, May 16, 2001 |
</strong></font><br> |
</strong></font><br> |
|
|
As a followup to his article one week before, titled |
As a followup to his article one week before, titled |
<!-- <a href="http://www.securityportal.com/closet/closet20010509.html"> -->"Why OpenBSD will never be as secure as Linux" |
<!-- <a href="http://www.securityportal.com/closet/closet20010509.html"> -->"Why OpenBSD will never be as secure as Linux" |
, Kurt Seifried comes to the conclusion that clean and good programming is more important than dozens of features and |
, Kurt Seifried comes to the conclusion that clean and good programming is more important than dozens of features and |
|
|
Flaw found in common Internet standard</a>, |
Flaw found in common Internet standard</a>, |
ZDNet News, May 3, 2001 |
ZDNet News, May 3, 2001 |
</strong></font><br> |
</strong></font><br> |
|
|
Robert Lemos talks about the <a href="http://www.cert.org">CERT</a> |
Robert Lemos talks about the <a href="http://www.cert.org">CERT</a> |
<a href="http://www.cert.org/advisories/CA-2001-09.html">warning</a> concerning the Initial Sequence Numbers |
<a href="http://www.cert.org/advisories/CA-2001-09.html">warning</a> concerning the Initial Sequence Numbers |
(ISN), which could be used to hijack TCP connections of several OS's, but not so |
(ISN), which could be used to hijack TCP connections of several OS's, but not so |
|
|
key members of the BSD movement at the recent USENIX Security Symposium 2000. |
key members of the BSD movement at the recent USENIX Security Symposium 2000. |
<p> |
<p> |
|
|
</li> |
|
|
|
<h2>December, 2000</h2> |
<h2>December, 2000</h2> |
|
|
|
|
<li><font color=#009000><strong> |
<li><font color=#009000><strong> |
<a |
<a |
href="http://eltoday.com/article.php3?ltsn=2000-12-26-001-13-PS">Florist.com |
href="http://eltoday.com/article.php3?ltsn=2000-12-26-001-13-PS">Florist.com |
|
|
author concludes that the authors aren't paranoid enough in stripping down |
author concludes that the authors aren't paranoid enough in stripping down |
the firewall system to the bare essentials. |
the firewall system to the bare essentials. |
<p> |
<p> |
|
|
<li><font color=#009000><strong> |
<li><font color=#009000><strong> |
<a |
<a |
href="http://www.vnunet.com/Features/1113887">What the future holds for |
href="http://www.vnunet.com/Features/1113887">What the future holds for |
|
|
<!-- <a href="http://www.sunworld.com/sunworldonline/swol-11-2000/swol-1110-silicon.html"> --> |
<!-- <a href="http://www.sunworld.com/sunworldonline/swol-11-2000/swol-1110-silicon.html"> --> |
BSDCon 2000: A small, tasty conference, Sun World, November 2000 |
BSDCon 2000: A small, tasty conference, Sun World, November 2000 |
</strong></font><br> |
</strong></font><br> |
|
|
Silicon Carny columnist Rich Morin reviews BSD Con 2000. He gives an overview |
Silicon Carny columnist Rich Morin reviews BSD Con 2000. He gives an overview |
of the five BSD variants available and a bit of atmosphere from the conference. |
of the five BSD variants available and a bit of atmosphere from the conference. |
<p> |
<p> |
|
|
<p> |
<p> |
|
|
<li><font color=#009000><strong> |
<li><font color=#009000><strong> |
<a href="http://www.unixreview.com/open_source/articles/0006bsd.shtml">The |
<a href="http://www.unixreview.com/documents/s=1247/urm0006c/"> |
state of the daemon</a>, UNIX Review, June 7, 2000 |
The state of the daemon</a>, UNIX Review, June 7, 2000 |
</strong></font><br> |
</strong></font><br> |
|
|
Michael Lucas reviews the state of the art for BSD-derived systems, |
Michael Lucas reviews the state of the art for BSD-derived systems, |
|
|
<a href="http://www.gnupg.org/">GNU Privacy Guard</a> runs fine on OpenBSD.<p> |
<a href="http://www.gnupg.org/">GNU Privacy Guard</a> runs fine on OpenBSD.<p> |
|
|
<li><font color=#009000><strong> |
<li><font color=#009000><strong> |
<a href="http://www.samag.com/archive/0809/feature.shtml">Maintaining |
<a href="http://www.samag.com/documents/s=1174/sam9909d/"> |
Patch Levels with Open Source BSDs</a>, SysAdmin feature article, Sept. 1999 |
Maintaining Patch Levels with Open Source BSDs</a>, SysAdmin feature article, Sept. 1999 |
</strong></font><br> |
</strong></font><br> |
|
|
Michael Lucas explains the broad lines of the BSD development model and |
Michael Lucas explains the broad lines of the BSD development model and |