Slashdot Mirror

You can do this at a firewall level with OpenBSD's PF. By using passive OS fingerprinting blocking (or redirecting to spamd) mail from Windows hosts is easy. Of course, if the host in question is behind a firewall like PF, which can mangle packets to the point that passive fingerprinting doesn't work, this method fails; hopefully boxes that are firewalled like that aren't spam senders.

You can do this at a firewall level with OpenBSD's PF. By using passive OS fingerprinting blocking (or redirecting to spamd) mail from Windows hosts is easy. Of course, if the host in question is behind a firewall like PF, which can mangle packets to the point that passive fingerprinting doesn't work, this method fails; hopefully boxes that are firewalled like that aren't spam senders.

IMPORTANT UPDATE: Please show your support for Ceren in this poll of Geek Babes!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. Don't you wish the guy in this pic was you? Are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

$Id: ceren.html,v 9.0 2004/08/01 16:01:34 ceren_rocks Exp $

dude, you should seriously consider changing the OS of your gateway box. If you have the skills or time, learn to use something like OpenBSD or FreeBSD. Both currently include the amazing PF packet filter, which supports NAT and amazing packet filtering capabilities. Everything is well documented on OpenBSD FAQ web page.

Due to your slow link, consider getting regular CVS patches via CTM, one way of keeping your CVS tree updated via email. Patches are usually small and can be quickly downloaded via FTP.

Good luck.

IMPORTANT UPDATE: Please show your support for Ceren in this poll of Geek Babes!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. Don't you wish the guy in this pic was you? Are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

$Id: ceren.html,v 9.0 2004/08/01 16:01:34 ceren_rocks Exp $

Which man?

Gabe Newell, the man from the casemod detector van.

The looney detector van, you mean.

for those of you who don't know what this is about then listen to 3.5: "CARP License" and "Redundancy must be free" http://www.openbsd.org/lyrics.html#35

I seem to remember an investigation which concluded that the lifetime of an unpatched box on a public network was about 5 minutes, irregardless of OS.

When was that last OpenSSH flaw fixed?

There has only been one remote root of openssh in the past eight years, it's part of the openbsd project and is enabled on that platform by default; it is the source of the "once in eight years" statistic mentioned on the OpenBSD homepage.

Has your vendor bothered to backport that fix? I might just believe you if you said "Debian" box, because the Debian people I know put a lot of work into fixing and backporting fixes, which apt is configured to pick up by default. I flat out do not believe that Redhat / Fedora ships secure

at least RHEL seems to have some sort of maintained updates server (and I don't use SUSE or Slackware so I have no idea about them).

(Everyone should pray for Patrick Volkerding, for helping to start the whole Linux distribution world rolling with Slackware.)

IMPORTANT UPDATE: Please show your support for Ceren in this poll of Geek Babes!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. Don't you wish the guy in this pic was you? Are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

$Id: ceren.html,v 9.0 2004/08/01 16:01:34 ceren_rocks Exp $

It's not that hard to do, if you're willing to read a bunch of manpages.

Get a fixed IP DSL and a Soekris net4801 for each site. Add a laptop hard drive or compact flash with OpenBSD on it. Read the man pages for "vpn" and "pf". Implement as appropriate to your site.

Hardware cost is under $500 per site. Ongoing cost is your local DSL price. Add your labor, including the time spent learning about OpenBSD and the cost of maintaining a free OS over time.

If this cost doesn't come in under 75% of the low bid from any three VPN vendors, I'll buy a straw hat and try to eat it. :-)

It's not that hard to do, if you're willing to read a bunch of manpages.

Get a fixed IP DSL and a Soekris net4801 for each site. Add a laptop hard drive or compact flash with OpenBSD on it. Read the man pages for "vpn" and "pf". Implement as appropriate to your site.

Hardware cost is under $500 per site. Ongoing cost is your local DSL price. Add your labor, including the time spent learning about OpenBSD and the cost of maintaining a free OS over time.

If this cost doesn't come in under 75% of the low bid from any three VPN vendors, I'll buy a straw hat and try to eat it. :-)

Also the BSDs.

FreeBSD's port is also amd64. Same with NetBSD and OpenBSD. This is nothing new. There are other reasons why Debian is using amd64 as well. Two of their target platforms (NetBSD and FreeBSD, see here) use amd64 internally, as listed above.

The times.allow and times.deny entries consist of a comma-separated list
of time periods during which the users in a class are allowed to be
logged in. These are expressed as one or more day codes followed by a
start and end times expressed in 24 hour format, separated by a hyphen or
dash. For example, MoThSa0200-1300 translates to Monday, Thursday and
Saturday between the hours of 2 am and 1 p.m.. If both of these time
lists are empty, users in the class are allowed access at any time. If
times.allow is specified, then logins are only allowed during the periods
given. If times.deny is specified, then logins are denied during the
periods given, regardless of whether one of the periods specified in
times.allow applies.

You could also use AuthPF and a cron script to write and remove /etc/nologin. from the system at given times.

## ADJUST TO TASTE - they're your kids! ##

0 14 * * * rm /etc/nologin
# go ahead and use computer till 4p. Then we have dinner
# and you kids do homework not needing online time
0 16 * * * touch /etc/nologin
# alright, chat with your friends for a bit or finish up your homeword
0 20 * * * rm /etc/nologin
# no more. Say goodnight to your friends and hit the sack!
30 21 * * * touch /etc/nologin

Remember root can login anytime (can also be overridden on individual accounts through login.conf with ignorenologin. You'll need to periodically check and force logouts (after a winpopup warning) based on the existence of this file.

You could modify the firewall/NAT rules directly via cron or some other method to your choosing (report cards online? Screenscrape the results and allow an extra hour for each grade point above a B-...)

You could block services on an individual basis. Web allowed all the time but chatting only from 2000-2100?? No filesharing untill after dinner?

There may be a PAM module that will restrict login based on time of day, week, etc.

You could use user accounting to record how much time they spend online. A weekly review with them.... You could restrict usage to hours/day, hours/week or whatever. When the time is all used up, access get's locked.

The times.allow and times.deny entries consist of a comma-separated list
of time periods during which the users in a class are allowed to be
logged in. These are expressed as one or more day codes followed by a
start and end times expressed in 24 hour format, separated by a hyphen or
dash. For example, MoThSa0200-1300 translates to Monday, Thursday and
Saturday between the hours of 2 am and 1 p.m.. If both of these time
lists are empty, users in the class are allowed access at any time. If
times.allow is specified, then logins are only allowed during the periods
given. If times.deny is specified, then logins are denied during the
periods given, regardless of whether one of the periods specified in
times.allow applies.

You could also use AuthPF and a cron script to write and remove /etc/nologin. from the system at given times.

## ADJUST TO TASTE - they're your kids! ##

0 14 * * * rm /etc/nologin
# go ahead and use computer till 4p. Then we have dinner
# and you kids do homework not needing online time
0 16 * * * touch /etc/nologin
# alright, chat with your friends for a bit or finish up your homeword
0 20 * * * rm /etc/nologin
# no more. Say goodnight to your friends and hit the sack!
30 21 * * * touch /etc/nologin

Remember root can login anytime (can also be overridden on individual accounts through login.conf with ignorenologin. You'll need to periodically check and force logouts (after a winpopup warning) based on the existence of this file.

You could modify the firewall/NAT rules directly via cron or some other method to your choosing (report cards online? Screenscrape the results and allow an extra hour for each grade point above a B-...)

You could block services on an individual basis. Web allowed all the time but chatting only from 2000-2100?? No filesharing untill after dinner?

There may be a PAM module that will restrict login based on time of day, week, etc.

You could use user accounting to record how much time they spend online. A weekly review with them.... You could restrict usage to hours/day, hours/week or whatever. When the time is all used up, access get's locked.

The times.allow and times.deny entries consist of a comma-separated list
of time periods during which the users in a class are allowed to be
logged in. These are expressed as one or more day codes followed by a
start and end times expressed in 24 hour format, separated by a hyphen or
dash. For example, MoThSa0200-1300 translates to Monday, Thursday and
Saturday between the hours of 2 am and 1 p.m.. If both of these time
lists are empty, users in the class are allowed access at any time. If
times.allow is specified, then logins are only allowed during the periods
given. If times.deny is specified, then logins are denied during the
periods given, regardless of whether one of the periods specified in
times.allow applies.

You could also use AuthPF and a cron script to write and remove /etc/nologin. from the system at given times.

## ADJUST TO TASTE - they're your kids! ##

0 14 * * * rm /etc/nologin
# go ahead and use computer till 4p. Then we have dinner
# and you kids do homework not needing online time
0 16 * * * touch /etc/nologin
# alright, chat with your friends for a bit or finish up your homeword
0 20 * * * rm /etc/nologin
# no more. Say goodnight to your friends and hit the sack!
30 21 * * * touch /etc/nologin

Remember root can login anytime (can also be overridden on individual accounts through login.conf with ignorenologin. You'll need to periodically check and force logouts (after a winpopup warning) based on the existence of this file.

You could modify the firewall/NAT rules directly via cron or some other method to your choosing (report cards online? Screenscrape the results and allow an extra hour for each grade point above a B-...)

You could block services on an individual basis. Web allowed all the time but chatting only from 2000-2100?? No filesharing untill after dinner?

There may be a PAM module that will restrict login based on time of day, week, etc.

You could use user accounting to record how much time they spend online. A weekly review with them.... You could restrict usage to hours/day, hours/week or whatever. When the time is all used up, access get's locked.

The times.allow and times.deny entries consist of a comma-separated list
of time periods during which the users in a class are allowed to be
logged in. These are expressed as one or more day codes followed by a
start and end times expressed in 24 hour format, separated by a hyphen or
dash. For example, MoThSa0200-1300 translates to Monday, Thursday and
Saturday between the hours of 2 am and 1 p.m.. If both of these time
lists are empty, users in the class are allowed access at any time. If
times.allow is specified, then logins are only allowed during the periods
given. If times.deny is specified, then logins are denied during the
periods given, regardless of whether one of the periods specified in
times.allow applies.

You could also use AuthPF and a cron script to write and remove /etc/nologin. from the system at given times.

## ADJUST TO TASTE - they're your kids! ##

0 14 * * * rm /etc/nologin
# go ahead and use computer till 4p. Then we have dinner
# and you kids do homework not needing online time
0 16 * * * touch /etc/nologin
# alright, chat with your friends for a bit or finish up your homeword
0 20 * * * rm /etc/nologin
# no more. Say goodnight to your friends and hit the sack!
30 21 * * * touch /etc/nologin

Remember root can login anytime (can also be overridden on individual accounts through login.conf with ignorenologin. You'll need to periodically check and force logouts (after a winpopup warning) based on the existence of this file.

You could modify the firewall/NAT rules directly via cron or some other method to your choosing (report cards online? Screenscrape the results and allow an extra hour for each grade point above a B-...)

You could block services on an individual basis. Web allowed all the time but chatting only from 2000-2100?? No filesharing untill after dinner?

There may be a PAM module that will restrict login based on time of day, week, etc.

You could use user accounting to record how much time they spend online. A weekly review with them.... You could restrict usage to hours/day, hours/week or whatever. When the time is all used up, access get's locked.

The times.allow and times.deny entries consist of a comma-separated list
of time periods during which the users in a class are allowed to be
logged in. These are expressed as one or more day codes followed by a
start and end times expressed in 24 hour format, separated by a hyphen or
dash. For example, MoThSa0200-1300 translates to Monday, Thursday and
Saturday between the hours of 2 am and 1 p.m.. If both of these time
lists are empty, users in the class are allowed access at any time. If
times.allow is specified, then logins are only allowed during the periods
given. If times.deny is specified, then logins are denied during the
periods given, regardless of whether one of the periods specified in
times.allow applies.

You could also use AuthPF and a cron script to write and remove /etc/nologin. from the system at given times.

## ADJUST TO TASTE - they're your kids! ##

0 14 * * * rm /etc/nologin
# go ahead and use computer till 4p. Then we have dinner
# and you kids do homework not needing online time
0 16 * * * touch /etc/nologin
# alright, chat with your friends for a bit or finish up your homeword
0 20 * * * rm /etc/nologin
# no more. Say goodnight to your friends and hit the sack!
30 21 * * * touch /etc/nologin

Remember root can login anytime (can also be overridden on individual accounts through login.conf with ignorenologin. You'll need to periodically check and force logouts (after a winpopup warning) based on the existence of this file.

You could modify the firewall/NAT rules directly via cron or some other method to your choosing (report cards online? Screenscrape the results and allow an extra hour for each grade point above a B-...)

You could block services on an individual basis. Web allowed all the time but chatting only from 2000-2100?? No filesharing untill after dinner?

There may be a PAM module that will restrict login based on time of day, week, etc.

You could use user accounting to record how much time they spend online. A weekly review with them.... You could restrict usage to hours/day, hours/week or whatever. When the time is all used up, access get's locked.

I do the same, but I also run it systraced. You can use the policy posted in the BitTorrent security thread.

What concerns about Atheros were those? ath man page

you try finding every hole in millions of lines of code

That would be a hell of a lot easier to do if I had access to the code.
Lots of people do it constantly!

IMPORTANT UPDATE: Please show your support for Ceren in this poll of Geek Babes!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. Don't you wish the guy in this pic was you? Are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

$Id: ceren.html,v 9.0 2004/08/01 16:01:34 ceren_rocks Exp $

You say: "And we want developers back on our side. If there's more for us to do, we'll go do it,"

maybe then you can show some good faith and put some action behind those words? don't want to open up java any more? fine, then at least remove the ridiculous redistribtion limitations

since you're giving away the software, you're left to making $$ from hardware and services. try being a little more friendly with those seeking to buy your hardware, and maybe you'll see a resurgence in hardware sales

because of the tactics you've employed in the past, i chose to not buy an opteron system from you and instead opted for another vendor. change your tactics and perhaps you'll start seeing a resurgance of your customer base

Yes, it is very annoying that a (commercial) Linux distribution typically has a very messy filesystem layout.

In this the OpenBSD (and the other *BSD as well) does much better. When you install a port, you know where it is installed. The man hier is actually followed and useful. Packages/ports installs to /usr/local, with perphaps some config files added to /etc or some working directory added to /var. That's it. No exceptions.

Use of this driver requires that you download Intel firmware which is covered by a very non-free and restrictive license.

I urge you to write to Intel and let them know that you are dissatisfied with their license and that you want the ability to freely distribute their firmware.

Please note that nobody is asking them to open the source of their firmware--they just need to make it so that free operating systems can distribute their firmware without having to force their users to agree to this licensing.

IMPORTANT UPDATE: Please show your support for Ceren in this poll of Geek Babes!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. Don't you wish the guy in this pic was you? Are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

$Id: ceren.html,v 9.0 2004/08/01 16:01:34 ceren_rocks Exp $

Secure & Useable!

http://www.openbsd.org/

IMPORTANT UPDATE: Please show your support for Ceren in this poll of Geek Babes!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. Don't you wish the guy in this pic was you? Are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

$Id: ceren.html,v 9.0 2004/08/01 16:01:34 ceren_rocks Exp $

Docs that are actually more or less equivilant to the Gentoo stuff you linked to:
FreeBSD faq
NetBSD guide
OpenBSD FAQ

As I said, the installation instructions on both are outstanding. Where the BSDs pull ahead is the man pages. Every aspect of the system is meticulously documented, in an accessible and concise way.

Gentoo specific things tend to be documented well, but things inherited from other Linuxes tend to inherit their documentation as well, which is poor. The Gentoo guides tell you magic invocations, sometimes even several alternatives, but the actual man (or info) page for the tool is just as weak as other Linuxes. It's a lot worse for the C library and system call man pages.

Gentoo docs are better than most Linuxes (at least the ones I've tried), but that's not saying much.

I know I'm probably feeding a troll, but I won't let you get away with bashing the best Gentoo feature. BSD docs are a huge pile of paper, when compared to the nicely organised, professional documentation on Gentoo.org. As much as writing stuff down, it's important to make it findable.

Just go and compare the sites.

Solaris is the only reason anyone buys a Sparc box. Selling Sparc boxes is Sun's main form of income.

This includes Netra T1, Sunfire V100/V120, and also systems based on the AXi and Netra CP lines of OEM motherboards.

These days most of those people are purchasing dual processor AMD64 systems instead.

Solaris is the only reason anyone buys a Sparc box. Selling Sparc boxes is Sun's main form of income.

This includes Netra T1, Sunfire V100/V120, and also systems based on the AXi and Netra CP lines of OEM motherboards.

These days most of those people are purchasing dual processor AMD64 systems instead.

While you may be right for some Open Source projects, the OpenBSD team applies sound engineering techniques.

They sure do!

This is not how OpenBSD works. There's only one place for official errata, and these patches are published only after carefull scrutiny.

While you may be right for some Open Source projects, the OpenBSD team applies sound engineering techniques.

the openbsd team has branched off quite a few projects where they saw the security and/or license was insufficient and needed to be redone.

OpenSSH, who's box doesn't have this?
OpenNTPD, a network time protocol daemon and server, recently released.
OpenBGPD, the border gateway protocol daemon.
They were pioneers in the use of stack protection software on the i386 platform (kernel and compiler), as well as privilage seperated daemons (it's in your sshd now), and randomized library linking locations.
(i think i'm missing a few, anyone care to fill them in?)

they have implemented (a far better implementation over the old one that they didn't write) their i.p. filter, PF (which has now made it into netbsd, freebsd, and hopefully linux soon enough). this includes INSANE amounts of configurability options, with integrated routing and traffic shaping.

many people grumble about how the project is run and its priorities. but we all benefit from their efforts. i think i'm going to buy a cd even though i am not an openbsd user. these sales help keep these projects going.

the openbsd team has branched off quite a few projects where they saw the security and/or license was insufficient and needed to be redone.

OpenSSH, who's box doesn't have this?
OpenNTPD, a network time protocol daemon and server, recently released.
OpenBGPD, the border gateway protocol daemon.
They were pioneers in the use of stack protection software on the i386 platform (kernel and compiler), as well as privilage seperated daemons (it's in your sshd now), and randomized library linking locations.
(i think i'm missing a few, anyone care to fill them in?)

they have implemented (a far better implementation over the old one that they didn't write) their i.p. filter, PF (which has now made it into netbsd, freebsd, and hopefully linux soon enough). this includes INSANE amounts of configurability options, with integrated routing and traffic shaping.

many people grumble about how the project is run and its priorities. but we all benefit from their efforts. i think i'm going to buy a cd even though i am not an openbsd user. these sales help keep these projects going.

i'm running an athlon64 2800 on an nforce3 motherboard on gentoo and all the integrated peripherals work great (although i haven't tested firewire, parallel, or serial, but they show up in dmesg so i think it's fine). i kind of stupidly bought a radeon 9200... but it works and it has dri and framebuffer support, so i'm ok. the 64bit thing works wonderfully, and they even have a 32bit emulation option in the kernel. just for kicks, i turned it off and rebooted... it went just fine, all except for grub (which is only available for 32bit archs), but the emulation works around that.
i picked gentoo because it had better support for nforce3 motherboards than freebsd did at the time. also, slackware's boot kernel didn't support my sata drive. debian would have done the job, but i don't really care for it. mandrake and suse also have 64bit distros, but they were not free as in beer when i bought this computer... you may want to check, if you like those distros. fedora core 1 has support for amd64, and there are most likely a few other distros too.
openbsd, netbsd, and freebsd support it too. if you want to run something weirder than that, athlon64 processors support 32bit stuff too, the slackware install kernel booted on my machine.

My home firewall is an OpenBSD box that is my access point as well. I use IPSec to setup VPN to secure my wireless network. Only authenticated IPSec traffic is permitted, so all a war driver can do is to DoS my wireless network.

If setting up IPSec is too much work, one can use OpenVPN that has a Windows client as well.

If you just want to prevent unauthorized usage of your wireless network, you can authenticate using authpf.

All the soloutions above assumes that you uses OpenBSD as an access point. OpenBSD can now support Atheros wireless chipset (for 802.11a), and soon 802.11g will be supported as well : Atheros HAL layer.

My home firewall is an OpenBSD box that is my access point as well. I use IPSec to setup VPN to secure my wireless network. Only authenticated IPSec traffic is permitted, so all a war driver can do is to DoS my wireless network.

If setting up IPSec is too much work, one can use OpenVPN that has a Windows client as well.

If you just want to prevent unauthorized usage of your wireless network, you can authenticate using authpf.

All the soloutions above assumes that you uses OpenBSD as an access point. OpenBSD can now support Atheros wireless chipset (for 802.11a), and soon 802.11g will be supported as well : Atheros HAL layer.

My home firewall is an OpenBSD box that is my access point as well. I use IPSec to setup VPN to secure my wireless network. Only authenticated IPSec traffic is permitted, so all a war driver can do is to DoS my wireless network.

If setting up IPSec is too much work, one can use OpenVPN that has a Windows client as well.

If you just want to prevent unauthorized usage of your wireless network, you can authenticate using authpf.

All the soloutions above assumes that you uses OpenBSD as an access point. OpenBSD can now support Atheros wireless chipset (for 802.11a), and soon 802.11g will be supported as well : Atheros HAL layer.

My home firewall is an OpenBSD box that is my access point as well. I use IPSec to setup VPN to secure my wireless network. Only authenticated IPSec traffic is permitted, so all a war driver can do is to DoS my wireless network.

If setting up IPSec is too much work, one can use OpenVPN that has a Windows client as well.

If you just want to prevent unauthorized usage of your wireless network, you can authenticate using authpf.

All the soloutions above assumes that you uses OpenBSD as an access point. OpenBSD can now support Atheros wireless chipset (for 802.11a), and soon 802.11g will be supported as well : Atheros HAL layer.

IMPORTANT UPDATE: Please show your support for Ceren in this poll of Geek Babes!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. Don't you wish the guy in this pic was you? Are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

$Id: ceren.html,v 8.0 2004/08/01 16:01:34 ceren_rocks Exp $

These sorts of issues illustrate why it's critical to consult the (rather incomplete) supported hardware lists. In addition, because the hardware lists can be vague and the vendors don't always provide complete information on the product, talk to someone who runs a similar setup. In addition, figure out what driver is used for your device and read the source code; oftentimes there will be comments about specific cards. Finally, see how long development has been taking place for a particular driver; the driver that's been around the longest may be the safest bet.

With regards to wireless cards, you shouldn't have any problems with Cisco or Motorola gear on OpenBSD.

Include important information
Don't waste everyone's time with a hopelessly incomplete question. No one other than you has the information needed to resolve your problem, it is better to provide more information than needed than one detail too little. Any question should include at least the version of OpenBSD (i.e., "3.2-stable", "3.3-current as of July 20, 2003"). Any hardware related questions should mention the platform (i.e., sparc, alpha, etc.), and provide a full dmesg(8). Hardware model numbers, unfortunately, don't indicate much about the actual content of a particular machine or accessory, and are useless to anyone who doesn't have that exact machine sitting where they can easily recognize it. The dmesg(8) tells us exactly what is IN your machine, not what stickers are on the outside.

Include important information
Don't waste everyone's time with a hopelessly incomplete question. No one other than you has the information needed to resolve your problem, it is better to provide more information than needed than one detail too little. Any question should include at least the version of OpenBSD (i.e., "3.2-stable", "3.3-current as of July 20, 2003"). Any hardware related questions should mention the platform (i.e., sparc, alpha, etc.), and provide a full dmesg(8). Hardware model numbers, unfortunately, don't indicate much about the actual content of a particular machine or accessory, and are useless to anyone who doesn't have that exact machine sitting where they can easily recognize it. The dmesg(8) tells us exactly what is IN your machine, not what stickers are on the outside.

I wonder of mi2g has even heard of OpenBSD?

http://www.openbsd.org/faq/upgrade36.html

As the author of the above, my opinion of its value may be biased, however. :)

1) As a windows user, plus some experience with Linux (Mandrake is running my current file/web server), where's the best place to start when trying to jump into one of the BSDs for a file/web server?

First off, don't listen to anybody that says the OpenBSD is not fit for heavy-duty serving or that FreeBSD is easier. I used FreeBSD for over seven years before switching to OpenBSD this year. OpenBSD is defintely server-capable (we run it here) and not just for firewalls. There is excellent documentatio available at http://www.openbsd.org/faq/. IMHO, it's the best documentation for any free OS. You will especially appreciate how easy it makes learning the pf firewall.

2) My drives are currently ext3; will BSD recognize that?

I don't want to say "no" because I'm not 100% sure but invariably, I'm happier using the native fs. My advice is to back up your files to CD-R or DVD-ROM and then restore them after reinstall.

Good luck!

Chris

Nice work obsd people. Must be about time to have a relaxing beverage or twelve :)

You can always assist in bringing relaxing-beverage goodness to the OpenBSD development team.

I asked a similar question not too long ago. So far I've come to the conclusion that you should use binpatch for security patches and the release(8) process to generate new binary tar archives. Then extract those tar archives in / to upgrade to a new release and finally run mergemaster. I'm going to look into scripting the whole build process and automatically updating on the client side.

I look forward to OpenBSD releases not because I use OpenBSD, or even that I am particularly interested in it -- it's the OpenBSD songs that I wait for. They are actually quite good.
"The Legend of Puffy Hood" and "Puff the Barbarian" were particularly good, and I found that many non-geeks liked them for their music if nothing more (and they tend to appreciate the lyrics once they read the page I linked above).

Speaking of lyrics, if you read them, you will find that they are actually very clever political satire. The 3.5 song, and some of the earliest ones, are somewhat disappointing IMO, but the others are excellent (and 3.5 is as well if you can appreciate a parody a parody).

I highly recommend that all Slashdot readers take a look at the page and download the OpenBSD songs. You may even want to pick up an ISO of OpenBSD while you're there.