"Even if you don't use OpenBSD, you're likely to be benefiting from it unknowingly. If you're using Solaris, SCO UnixWare, OS X, SUSE Linux, or Red Hat Enterprise Linux, chances are you're using the OpenBSD-developed OpenSSH for secure shell access to remote machines. If so many are using this software, why are so few paying for it? Official responses (and non-responses) from Sun Microsystems, IBM, Novell, and Red Hat are below, but if you're one of the freeloaders who hasn't contributed to OpenBSD or OpenSSH, what's your excuse?"
"Theo de Raadt is the project leader for OpenBSD, a Unix-like operating system. We spoke with Theo about the upcoming release of OpenBSD, 3.9, the financial state of the project, and about companies that profit from free software without contributing back."
OpenBSD 3.9 will include a new sensor framework to allow system administrators to monitor the environmental conditions of servers running OpenBSD. OpenBSD 3.9, which is scheduled for release on 1 May, includes support for the sensors and the sensor management tools used on a number of architectures, Theo de Raadt, the founder and lead developer of OpenBSD, told ZDNet UK earlier this week.
OpenBSD has asked for donations: "To fulfill most development goals OpenBSD should be generating about $100K USD. With that amount of money the project can finance 1 large and 4 small hackathons per year. Pay the bills and a part-time developer to mind the shop when Theo isn't around. In an ideal world we would have a sponsor per hackathon and the CD sales would be paying for other expenses." On a very related note, pre-orders for OpenBSD 3.9 are now available.
"This IPv4-centric document is meant both as an overview to the IP Security Protocol (IPsec) and as an introduction to OpenBSD's implementation of it. By the end the reader will have learned how to set up various types of IPsec installations on OpenBSD. Each type of installation includes guidance regarding firewall protection using, of course, the unsurpassed OpenBSD packet filter."
"I started OpenBGP two years ago, after getting completely fed up with Zebra, which we were running before. There were lots of bugs, bad configuration language, performance problems, and since I don't speak Japanese - I had problems understanding the documentation. Zebra makes heavy use of cooperative threads, which leads to it's main problem: combined with the central event queue, Zebra can lose sessions while busy. Zebra successor, Quagga, caught up and apparently fixed many of the bugs. However, they still used the Zebra's design, which I think is wrong. So, the issues are kind of unfixable."
"That's it for 3.9! Tree locks are upon us so unless something critical breaks, nothing will go in anymore. For me and Jordan this means to stop ACPI development until the tree is unlocked. So now it is of to test, test, test! That goes for you too; if you are reading this you should stop and install snapshots on as many machines and architectures as possible. We always appreciate test reports from folks in the field."
OliveBSD is a live CD based on OpenBSD 3.8. It uses IceWM as its desktop environment (using ROX-Filer as file manager), and comes with the usual suspects when it comes to software. Firefox, Thunderbird, GIMP, Gaim, Xmms; they require no introduction. There are enough screenshots in there, boys and girls, so enjoy.
To many privacy geeks, it's the holy grail - a totally anonymous and secure computer so easy to use you can hand it to your grandmother and send her off on her own to the local Starbucks. Titled Anonym.OS, the system is a type of disk called a 'live CD' - meaning it's a complete solution for using a computer without touching the hard drive. Developers say Anonym.OS is likely the first live CD based on the security-heavy OpenBSD operating system.
OpenBSD now also supports ESM (Embedded Server Management). This seems to be the first Open Source implementation of this Dell-specific protocol.
"After much digging online for an effective way to stop this pesky application that is highly de-centralised and a big pain to blocked, I finally found a way to do it. It has been working perfectly fine on our corporate network, and we have had no complaints of users being denied access to legitimate web destinations (that are in compliance with our security policy of course)."
"Yesterday OpenBSD, the proactively secure Unix-like operating system, released version 3.8, featuring several improvements to networking, RAID management tools, and increased security. At openbsd.org you can download installation files or order the official three-disc CD set, which supports 16 processor architectures out of the box. I took this new release as an opportunity to perform my first ever OpenBSD install." Read more here.
"We are pleased to announce the official release of OpenBSD 3.8. This is our 18th release on CD-ROM (and 19th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.8 provides significant improvements, including new features, in nearly all areas of the system."
"I've updated the Firewalling with PF manuscript, mainly for the tutorial I gave at the AUUG2005 conference. New sections: Info on bruteforce protection; Wireless net setup; authpf with wireless net. Updates to the spamd section and traceroute section."
OpenBSD has a brand new IPMI implementation. The ipmi term Intelligent Platform Management refers to autonomous monitoring and recovery features implemented directly in platform management hardware and firmware. The key characteristics of Intelligent Platform Management is that inventory, monitoring, logging, and recovery control functions are available independent of the main processor, BIOS, and operating system.
It's release time again for OpenBSD! The upcoming 3.8 will include some wonderful features for network gurus (trunking, tracking wireless roaming users, interface groups, a new ipsec configuration tool, and failover of ipsec links), a great rework of malloc() that will provide further security protections by default, and the first version of bioctl--a universal RAID management interface.
SecurityFocus interviews three OpenBSD developers about their network stack protection against DoS ICMP attacks, a short comparison with Linux' stack, and some thoughts on OpenBGPD.
OpenBSD developer Reyk Floeter writes in article Proactive wireless networks with hostapd(8) about his latest tool and how it can be used in wireless warfare. Defend your wireless networks from rogue nodes or "discourage" neighbours from occupying "your" frequencies.
"Theo announced on -misc today that work is in progress to add G5 support to the macppc port. G5 machines will be running in 32-bit mode but there is the possibility of a macppc64 port to follow to take advantage of these 64-bit processors. All Apple models are being targetted (iMac, Power Mac, and Xserve) so if you have such a machine and wish to run
OpenBSD NetBSD OpenBSD on it, your dreams are about to come true. As Theo stresses, this is very much a work in progress and not everything is supported or stable at this point in time."
"OpenBSD is an ultra-secure, freely available, multi-platform BSD-based UNIX-like operating system. And is arguably the most secure operating system in the world. After using OpenBSD for over 9 years I decided to place online some useful information for first time users of OpenBSD. The information here covers the current release of OpenBSD."