[rescue] RFA: firewall

Steve Sandau ssandau at gwi.net
Thu Jan 6 21:24:07 CST 2005

Shawn Wallbridge wrote:
> My new firewall took exactly 47min to get up and running (34min for the 
> OBSD install, 13 for configuration) ;-)
> shawn

Another vote for OBSD. I was a Solaris/HP-UX/Linux guy, but OBSD is 
incredibly secure with very little work. With enhancements including 
random pids, some random numbers (somehow that I don't understand) in 
TCP sequences, random loading of libraries in memory and a bunch more 
stuff I don't really understand, I think it is the most secure.

IPSEC is built into the kernel, and in some cases doesn't even require a 
daemon for a VPN. (The IPSEC VPN connection from here to work in 
absolutely reliable. One link is on two x86 boxes, the other on SPARC 
hardware.) The default install now includes neat stuff like NTP too.

On top of that, the ports collection has allowed me to install apache, 
pop3, pptp and more with very little effort.


More information about the rescue mailing list