Linked by Thom Holwerda on Wed 20th Jun 2007 20:07 UTC, submitted by Valour
OpenBSD "If you're a software enthusiast who has never used OpenBSD before, you might enjoy installing it by yourself and figuring it out as you go. If, however, you're looking for a more practical approach to using OpenBSD 4.1 on a desktop or server machine, here's a quick guide to get you started in this spectacular operating system."
Permalink for comment 249420
flav2000 (Member since: 2006-02-08)

I guess I wasn't too clear.

The problem with more software is that it gives more vectors for attack.

Software installed by default and not active *should* be secure. But, all it means is that the server daemon is not running. The executable is still sitting somewhere.

A newly installed server could have added a "hook" to run the executable of a non-enabled server. Something like this may just enable a new vector of attack not realized before. Even experienced admins may miss something like that.

Speaking of gcc: not having gcc installed means that a hacker cannot use gcc as a vector of attack. Sure, if a person has hacked a server they can do whatever they want - including adding gcc. But what I mean to say is that not having gcc may just have shut down attacks from that angle.

Score: 3