OpenBSD has a reputation for high security and difficult operating systems for new user. But, some orginsations are using OpenBSD for everything including firewall, servers and desktop computers. This is quite impressive, from the article:
So our paid job is hacking on and deploying, maintaining, supporting… OpenBSD installations. We are also required to hack on things that can be merged back into OpenBSD itself and when it’s not possible, then we change what we did so that it can be. Of course some developments are very specific to what we do and have no place in the project’s CVS tree.
So, amongst other services, we set up and maintain several 100% OpenBSD-based infrastructures (going from the entry site firewall to the secretary’s workstation) and this is what I’m going to talk about here.
As a side note, it is important to know that we are working exclusively for Fortune 500 companies (each operating in totally different and unrelated sectors).
Read more: A Puffy in the corporate aquarium.
I‘m still working on getting my rss feed mess which bombarded your feed reader and inbox two days ago. Meanwhile, our FAQ section is updated in last few days with new howtos (if you want FAQ updates just follow us on twitter or identi.ca):
Lets see how much effort it is going to take to convert this configuration to entirely different firewall platform – PF on OpenBSD. There are different ways to do this. I could make a copy of each member firewall (linux-test-1 and linux-test-2), set platform and host OS in the copy to PF and OpenBSD and then create new cluster object. This would be a sensible way because it preserves old objects which helps to roll back in case something does not work out. However, to make the explanation shorter, I am going to make the changes in place by modifying existing objects.
Good news from OpenBSD project. The OpenBSD Foundation is pleased to announce today it has completed its organization as a Canadian federal non-profit corporation and is ready for public interaction. The OpenBSD Foundation is a Canadian not-for-profit corporation which exists to support OpenBSD and related projects such as OpenSSH, OpenBGPD, OpenNTPD, and OpenCVS. While the [...]
Packet Filter aka PF is OpenBSD’s system for filtering TCP/IP traffic / NAT software. I always like the simplicity offered by PF firewall. There is a new article that explains the PF performance monitoring: The PF (packet filter) firewall package was introduced in OpenBSD 3.0, and has since been ported to the FreeBSD and NetBSD [...]
