version 1.25, 2019/05/27 22:55:26 |
version 1.26, 2019/06/01 23:12:51 |
|
|
<html lang=en> |
<html lang=en> |
<meta charset=utf-8> |
<meta charset=utf-8> |
|
|
<title>OpenBSD: Users' Views</title> |
<title>OpenBSD: Users' Views</title> |
<meta name="viewport" content="width=device-width, initial-scale=1"> |
<meta name="viewport" content="width=device-width, initial-scale=1"> |
<link rel="stylesheet" type="text/css" href="openbsd.css"> |
<link rel="stylesheet" type="text/css" href="openbsd.css"> |
<link rel="canonical" href="https://www.openbsd.org/testimonials.html"> |
<link rel="canonical" href="https://www.openbsd.org/testimonials.html"> |
|
|
Compact Flash. Largely runs untroubled, pushing ~ 400Mb/s. |
Compact Flash. Largely runs untroubled, pushing ~ 400Mb/s. |
Main motivation was the cost savings compared to equivalent |
Main motivation was the cost savings compared to equivalent |
Junpier/Cisco kit. |
Junpier/Cisco kit. |
I hope to be testing the new MPLS code soon. |
I hope to be testing the new MPLS code soon. |
|
|
<h3><a href="mailto:SKohrman@apu.edu">Shawn Kohrman</a> writes:</h3> |
<h3><a href="mailto:SKohrman@apu.edu">Shawn Kohrman</a> writes:</h3> |
<p> |
<p> |
|
|
<p> |
<p> |
I did some programming on an OpenBSD machine, after this I really |
I did some programming on an OpenBSD machine, after this I really |
appreciated the man pages. Other Unices I used had man pages that |
appreciated the man pages. Other Unices I used had man pages that |
simply weren't any good. |
simply weren't any good. |
<p> |
<p> |
Keep up the good work guys. |
Keep up the good work guys. |
|
|
|
|
I have installed, secured, and maintained Linux, Windows NT and OpenBSD in |
I have installed, secured, and maintained Linux, Windows NT and OpenBSD in |
highly secure environments. (yes you can secure Linux and Windows NT in |
highly secure environments. (yes you can secure Linux and Windows NT in |
this environment :) ). Having said that I have to point out that if you |
this environment :) ). Having said that I have to point out that if you |
want a minimum administration to keep up with security issues option you |
want a minimum administration to keep up with security issues option you |
need to pick OpenBSD by far. It is not uncommon for people to go years without |
need to pick OpenBSD by far. It is not uncommon for people to go years without |
updating their production OpenBSD machines because they are just rock solid |
updating their production OpenBSD machines because they are just rock solid |
and there are no known "remote" vulnerabilities. Thus no good reason to |
and there are no known "remote" vulnerabilities. Thus no good reason to |
upgrade... |
upgrade... |
<p> |
<p> |
I would feel perfectly happy to have one of my [novice] interns do a basic |
I would feel perfectly happy to have one of my [novice] interns do a basic |
OpenBSD install on a PC (no extra security work after the install) and then put |
OpenBSD install on a PC (no extra security work after the install) and then put |
the companies crown jewels on that machine and then walk away for a year. |
the companies crown jewels on that machine and then walk away for a year. |
Knowing full well that machine hasn't crashed, been broken into or in need |
Knowing full well that machine hasn't crashed, been broken into or in need |
of an OS upgrade. You can't say that about NT or Linux. |
of an OS upgrade. You can't say that about NT or Linux. |
Or if you do you obviously haven't ever used the product that way :) |
Or if you do you obviously haven't ever used the product that way :) |
<p> |
<p> |
Another thing that I hear people point out is go check your local exploit |
Another thing that I hear people point out is go check your local exploit |
site or vulnerability alert mailing list and see if you can find a "remote" |
site or vulnerability alert mailing list and see if you can find a "remote" |
root level exploit that works on OpenBSD. I dare say you won't find any that |
root level exploit that works on OpenBSD. I dare say you won't find any that |
are less than 12 months old. |
are less than 12 months old. |
|
|
<h3>Jan Johansson gave this reply to a "how do I build a cheap web server?" query:</h3> |
<h3>Jan Johansson gave this reply to a "how do I build a cheap web server?" query:</h3> |
<p> |
<p> |
I work today with Solaris, OpenBSD, NT Server, NT Workstation and Win 95. |
I work today with Solaris, OpenBSD, NT Server, NT Workstation and Win 95. |
<p> |
<p> |
After reading Bugtraq for some weeks I will say that I will never put |
After reading Bugtraq for some weeks I will say that I will never put |
any (important) machine on the Internet if there is not a firewall in |
any (important) machine on the Internet if there is not a firewall in |
front and for packet filtering I go for OpenBSD... |
front and for packet filtering I go for OpenBSD... |
<p> |
<p> |
For a cheap web server I say hardware from a known vendor, an ordered |
For a cheap web server I say hardware from a known vendor, an ordered |
OpenBSD CD-ROM and Apache... |
OpenBSD CD-ROM and Apache... |
|
|
<h3><a href="mailto:wyodlows@nj.devry.edu"> |
<h3><a href="mailto:wyodlows@nj.devry.edu"> |
|
|
<p> |
<p> |
Our OpenBSD servers were probed and then left alone. |
Our OpenBSD servers were probed and then left alone. |
<p> |
<p> |
In the intervening two years, that original server got upgraded |
In the intervening two years, that original server got upgraded |
and patched several |
and patched several |
times and the OS never gave us reason to question the reliability or |
times and the OS never gave us reason to question the reliability or |
security of OpenBSD. |
security of OpenBSD. |
|
|
It was a P133 with 64MB ram. And it didn't go down. It got a bit slower, |
It was a P133 with 64MB ram. And it didn't go down. It got a bit slower, |
but never crashed :-) |
but never crashed :-) |
|
|
<h3>John J. Adelsberger III said this about us in Bruce Schneier's |
<h3>John J. Adelsberger III said this about us in Bruce Schneier's |
<a href="http://www.counterpane.com/crypto-gram-0004.html#CommentsfromReaders"> |
<a href="http://www.counterpane.com/crypto-gram-0004.html#CommentsfromReaders"> |
Crypto-Gram</a>:</h3> |
Crypto-Gram</a>:</h3> |
<p> |
<p> |
(the comments he is responding to are Schneier's) |
(the comments he is responding to are Schneier's) |
<blockquote> |
<blockquote> |
<p> |
<p> |
Real systems show no signs of becoming less |
Real systems show no signs of becoming less |
complex. In fact, they are becoming more complex, |
complex. In fact, they are becoming more complex, |
faster and faster. Microsoft Windows is a poster |
faster and faster. Microsoft Windows is a poster |
child for this trend to complexity. |
child for this trend to complexity. |
<p> |
<p> |
... |
... |
<p> |
<p> |
The other choice is to slow down, to simplify, |
The other choice is to slow down, to simplify, |
and to try to add security. |
and to try to add security. |
</blockquote> |
</blockquote> |
<p> |
<p> |