Slashdot Mirror

ftp://ftp3.usa.openbsd.org/pub/OpenBSD/3.5/.

My best guess is that all of the hardcore OpenBSD users already have a 3.4 installation and only need to do a source upgrade, so the mirror sites focus on getting a fresh copy of the sources, then take their time about the binary install sets for various platforms.

Yeah can you please send a few of your american developers up here?
We can make the code but we just can't seem to produce the same quantity of bugs as you guys do. I mean administering a system is just no fun without panicking over a patch every couple days and we would really appreciate if you could show us how to make such buggy code so our users can enjoy the same level of patching as yours!

Does OpenBSD 3.5 break backward compatibility with all previous releases, like every other OpenBSD release does?

That's utter bullshit. Read the upgrade mini-FAQ, FOLLOW IT and nothing should break. I've updated remote machines that I've never been within 2000 KM from and have never had a problem.

I use OpenBSD on my desktop at work. There's a FreeBSD and Linux (among others) binary compatibility option which work great for me. I use the Linux Citrix client binary to connect to a Citrix server across the country just fine. I don't think I've ever run a FreeBSD binary but I install from ports usually so the port-meister of that particular software takes care of issues.

OpenBSD supports a load of different architectures, far more than FreeBSD. However I think you're really asking about supported hardware on i386. In that area FreeBSD is ahead but most stock hardware runs OpenBSD just fine.

Jump in, the water's fine!

What I really like about OpenBSD is that I don't have to google for a HOWTO on configuring pf and altq.

I'd also throw in that the file system layout is very consistant with OpenBSD. There's even a hier(7) man page describing the layout. When I'm working on another OS I find myself digging around, even for configuration files, way too often.

- Program should declare what syscalls it uses, what libraries it needs, etc, and no other syscalls/libraries would be allowed.
- Program should declare what kind of access it needs to the filesystem to function. No other parts of the "real" filesystem should be visible in the program's namespace at all.
- Same for every other resource such as sockets, etc...

systrace(1)

Upgrade Mini-FAQ

There are unofficial ISO complilations of OpenBSD available is you want to search around for a bit. Or you could buy the official 3 CD pack and support the project that way.

I think the easiest way to do an installation ( I ran 3.5 up on an old p-166 this evening ) is to download the arch-specific install files ( ie everything under /i386 for run of the mill x86 cpus ), and set them up on a local web or ftp server. 'dd' the boot floppy image to a spare disk ( floppy35.fs will suit 90% of cases ), boot up with this on the system, and simply follow the prompts for the ftp/http install. Or you could simply do a ftp install from a local OpenBSD mirror across the internet.

For detailed info on the install, see the FAQ.

The Errata page should be checked regularly too. Unlike the 3.4 release that had a number of bugfixes that needed to be applied as soon as it was officially released, 3.5 has no need for further patching at this point in time.

There are unofficial ISO complilations of OpenBSD available is you want to search around for a bit. Or you could buy the official 3 CD pack and support the project that way.

I think the easiest way to do an installation ( I ran 3.5 up on an old p-166 this evening ) is to download the arch-specific install files ( ie everything under /i386 for run of the mill x86 cpus ), and set them up on a local web or ftp server. 'dd' the boot floppy image to a spare disk ( floppy35.fs will suit 90% of cases ), boot up with this on the system, and simply follow the prompts for the ftp/http install. Or you could simply do a ftp install from a local OpenBSD mirror across the internet.

For detailed info on the install, see the FAQ.

The Errata page should be checked regularly too. Unlike the 3.4 release that had a number of bugfixes that needed to be applied as soon as it was officially released, 3.5 has no need for further patching at this point in time.

There are unofficial ISO complilations of OpenBSD available is you want to search around for a bit. Or you could buy the official 3 CD pack and support the project that way.

I think the easiest way to do an installation ( I ran 3.5 up on an old p-166 this evening ) is to download the arch-specific install files ( ie everything under /i386 for run of the mill x86 cpus ), and set them up on a local web or ftp server. 'dd' the boot floppy image to a spare disk ( floppy35.fs will suit 90% of cases ), boot up with this on the system, and simply follow the prompts for the ftp/http install. Or you could simply do a ftp install from a local OpenBSD mirror across the internet.

For detailed info on the install, see the FAQ.

The Errata page should be checked regularly too. Unlike the 3.4 release that had a number of bugfixes that needed to be applied as soon as it was officially released, 3.5 has no need for further patching at this point in time.

We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install.

I love OpenBSD as much as anyone serious about security, but this quote is completely full of shit.

If you look at the release 3.4 errata list, there's at least three or four root exploits waiting to happen. And 3.3 and 3.2 aren't any better.

And YES, sendmail was in the default install. As well as many programs based off the lately bad libc-6.

OpenBSD is the most secure, and secure-oriented, but its not perfect by any means.

And yes, I run OpenBSD on a few servers, and one desktop!

We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install.

I love OpenBSD as much as anyone serious about security, but this quote is completely full of shit.

If you look at the release 3.4 errata list, there's at least three or four root exploits waiting to happen. And 3.3 and 3.2 aren't any better.

And YES, sendmail was in the default install. As well as many programs based off the lately bad libc-6.

OpenBSD is the most secure, and secure-oriented, but its not perfect by any means.

And yes, I run OpenBSD on a few servers, and one desktop!

We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install.

I love OpenBSD as much as anyone serious about security, but this quote is completely full of shit.

If you look at the release 3.4 errata list, there's at least three or four root exploits waiting to happen. And 3.3 and 3.2 aren't any better.

And YES, sendmail was in the default install. As well as many programs based off the lately bad libc-6.

OpenBSD is the most secure, and secure-oriented, but its not perfect by any means.

And yes, I run OpenBSD on a few servers, and one desktop!

http://www.openbsd.org/faq/faq4.html

There's an inofficial Bittorrent link, just make sure you verify MD5 checksums against those listed on the official ftp server.

fxp is the driver for the Intel PRO/100 Ethernet adapters.

Eagerly, awaiting the openbsd 3.5 theme song I ftped into one of the mirrors.

Anyway I downloaded the 3.5 song and found it about a protest on cisco patents on rundantant firewalling and vrp in a monty python format.

Strange but somewhat ammusing to say the least. Go download it.

Eagerly, awaiting the openbsd 3.5 theme song I ftped into one of the mirrors.

Anyway I downloaded the 3.5 song and found it about a protest on cisco patents on rundantant firewalling and vrp in a monty python format.

Strange but somewhat ammusing to say the least. Go download it.

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

For example he tried to run the various X configurations utilities. The FAQ clearly states that there is a WORKING example configuration that you should start from in /usr/X11/README .

The FAQ does not state this at all. Which FAQ are you refering to? ftp://ftp.openbsd.org/pub/OpenBSD/doc/obsd-faq.txt

While it was odd that starting up X11 with a non-working config crashed the system, I was able to get X11 working, as you can see in the screenshot.

Furthermore the FAQ also states to not compile from source unless absolutely nessessary.

That is not what the FAQ says. In fact, it only references compiling when talking about ports versus packages, and not compiling in general. It says that packages are easier, and it's recommended to use them, but it seems more of trouble-saving and time-saving advice than anything else, not an admonishment of compiling.

Ports Versus Packages

If he had used packages, he might not have had the problems with the databases that he had. However there was a MySQL glitch in 3.4 (I think, it could have been 3.3) that was fixed in stable.

I've gotten several comments about using packages. For one, I'm using MySQL 4.0. There are no packages or even ports for MySQL 4.0. I've been using it with the other evaluations, and it is MySQL's latest.

I prefer to compile from source whenever possible. Packages and ports are a convienence, and can often contain patches and workarounds, especially on non-x86 distributions. It would seem silly to rely entirely on ports/packages.

There is a port for PostgreSQL which I used and had the same bus error problems, although I didn't use a precompiled package. I'll give that a spin when I'm by the system, but right now I'm in Hawaii so I don't have access to the OpenBSD system.

Also, the 3.5 snapshot from the 29th had some serious problems (people were told not to use it). Doing a little more homework would have avoided these problems; it's all documented.

The 3.5 snapshot worked fine for me, and I didn't see any "do not use" messages anywhere. The only problem I had with it was it exhibited the same strange MySQL behavior that 3.4 did. For me, it worked exactly the same as 3.4. So I'm not sure what "problems avoided" you are referring to.

You'll note that I did solicit the help of the OpenBSD/sparc mailing list, and while I recieved some excellent suggestions, nothing was able to sort out the particular issue.

For the record, my first 10 programs installed are:

1. bash
2. vim
3. screen
4. wget
5. nmap
6. fluxbox
7. gkrellm
8. sylpheed
9. mozillaphoenixfirebirdfox
10. etherape

BSD has a lot to learn from GNU/Linux regarding security. There have been less exploits found in the BSDs, but we all know that more eyes leads to a more secure product. And I really refuse to believe that most people do not hack the source code. Every mum and dad has dreams every night of helping to further the GNU/Linux cause. If they dont, then they are teh sux0r and are lusers.

I honestly can't figure out if you're a troll, illinformated, or what... but nonetheless you really need to check out OpenBSD.

Know why the BSD's have a pretty good track record? It's not because people aren't hacking it (BSDs use alot of the same software and thus have the same exploits that Linux does), but rather it's due in large part to OpenBSD and their line by line code security audit.

Yup that's right, the OpenBSD guys audit all code before it's released, specifically looking for things like buffer exploits and the likes. When they're found, the results are shared w/the other BSDs and fixed.

If you are willing to donate money, OpenBSD donations is the place to go.

Of course, buying CDs, t-shirts or posters also helps the project. Look at the catalog here.

If you are willing to donate money, OpenBSD donations is the place to go.

Of course, buying CDs, t-shirts or posters also helps the project. Look at the catalog here.

Most library users are windows users...

You are right, this is probably the first we should change. I would suggest Debian GNU/Linux for starters and Debian GNU/Hurd for people willing to experiment and learn more. Next steps, as I have already mentioned, could be EROS and OpenBSD for systems less popular but extremely reliable and secure. I wonder which operating systems would other Slashdotters suggest.

I am sure that before I have finished writing this comment many people will have already suggested GNUWin, TheOpenCD, Knoppix, Morphix, Dyne:bolic, Debian and GNU CDs but instead of jumping on the bandwagon and posting links to them (even though with no doubt those are great examples of software which every library should definitely have) I will suggest including some software which is less popular but which students might learn much more from (and in the end, is that not the whole purpose of a library?), id est: Debian GNU/Hurd, OpenBSD and EROS. Lots of useful software one can buy with a magazine, but these systems are much harder to find, while much more revolutionary and unquestionably invaluable if we want people to actually learn something important instead of only "clicking" the mouse. It is also very important to note that these systems would introduce students to real security, something which is hard to find and understand, yet even much harder to overestimate in the terrorism era and the invasion of our privacy with things like NSAKEY in Windows and NSAttributedString in Mac OS X. That is why I think that actively promoting them in every library would be the most insightful idea.

There are some tradeoffs - knocking systems are usually lightweight, while authpf is probably more thorough, especially about making sure the firewall hole gets closed when you leave. Different knocking systems have different bugs in them, and OpenBSD+SSH+AuthPF has the risks of more people attacking it, but the knocking systems have random authors while Authpf and its environment have to be blessed by Theo, so you've got some level of assurance about QA and future fixes. Also, knocking systems need various clients to knock with, and may be susceptible to firewall damage in between, while SSH is pretty widespread and firewalls generally let you make outgoing SSH connections.

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

I've got a similar problem to you, and, after years of noisy living rooms and bulky kit, I think I've found a solution.

Not racks, nor wooden bookshelves. I rescued four racks once. Bloody useless things. Free racks still cost 'cos they need expensive cases. If you put ordinary PCs in on the shelves, you might as well use ordinary shelving, like some guys have mentioned here. Since then, I've always wanted small, small PCs, and I've finally found them. They're silent. They're the size of routers. They're cheap.

But these PCs don't have any fancy extras, like video, keyboard or mouse (you use serial I/O, or SSH). They're only supported with free (as in four) operating systems, e.g. the BSDs and Linux. If you can work within those limitations, and I can, then you've gotta consider them. Since you didn't mention operating systems, I assume you want to keep your costs down, so you've gotta be going the not-unix route ... aren't you?

I'm willing to bet there are a number of manufacturers about. I know of Soekris, from Santa Cruz, a town famous, so I've heard, for the silly decisions some people have made after long visits to its excellent beer festival. Soekris interest me because they specifically support Open BSD.

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

First they settle with Microsoft for $2 billion, and now this. Are things really this bad for Sun?

No, they are just being smart.

The days of 64bit Unix being dominated by names like Sun, HP/Compaq and IBM might soon be over. Previously, they could all comfortably compete with each other with a relatively even footing.

But now that a company like AMD, sell 64bit CPU's which have features like per page security, a company like Sun would be stupid to compete against their massive economies of scale power.

AMD will be able to build a better CPU for a lower cost, because they can afford to build so many more units and put lots more money back into R&D.

Sun would be fighting against the dollars of Ma's and Pa's. The niche that a few smaller companies had in 64bit CPU's, is now over. No point in trying to make a minority architecture, go head-to-head against a majority architecture.

I said months ago to friends, that Sun would kill the UltraSPARC soon, due to AMD64. I didn't realise it would be this soon though.

This is a smart move by Sun. Any company that continues to make an exotic 64bit CPU (ie NOT PPC or x86) which will inevitably compete with AMD's manufacturing and R&D power, will lose. Why R&D and build an uncompetitive CPU when you can buy a better one cheaper?

I think we will eventually see Compaq move to AMD64 too.

Whether Sun is or is not in financial trouble, this move is not proof of it.

PS, per page security in the AMD64's is killer, in my opinion. Especially considering that I use OpenBSD.

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

Is it any wonder people think Linux users are a bunch of flaming homosexuals when its fronted by obviously gay losers like these?! BSD has a mascot who leaves us in no doubt that this is the OS for real men! If Linux had more hot chicks and gorgeous babes then maybe it would be able to compete with BSD! Hell this girl should be a model!

Linux is a joke as long as it continues to lack sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?! Wouldn't this just make your Christmas?! Yes doctor, this uber babe definitely gets my pulse racing! Oh how I envy the lucky girl in this shot! Linux has nothing that can possibly compete. Come on, you must admit she is better than an overweight penguin or a gay looking goat! Wouldn't this be more liklely to influence your choice of OS?

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Don't be a fag! Join the campaign for more cute open source babes today!

Not to knock OpenBSD, but your plan seems a little faulty.....

quote from OpenBSD FAQ:

8.1 - I forgot my root password, what do I do now?
A few steps to recovery

Boot into single user mode. For i386 arch type boot -s at the boot prompt.
mount the drives.
# fsck -p / && mount -uw /
If /usr is not the same partition that / is (and it shouldn't be) then you will need to mount it, also
# fsck -p /usr && mount /usr
run passwd(1)
boot into multiuser mode... and remember your password!
^-This is idiot proof and my mother could do it (and has done it).

You just lost all your securing time and welding time. Don't get me wrong I'm an avid Linux/BSD user, but if someone can get to the terminal of any computer...you have just lost every bit of security you implemented.

I realize that you were talking about securing a box against viruses, but I can see a case where a user wants root access and as a result starts running as root...

You all know how it goes from there. Education is the only cure to virus infection.

sftp is an interactive file transfer program, similar to ftp(1), which
performs all operations over an encrypted ssh(1) transport. It may also
use many features of ssh, such as public key authentication and compres-
sion. sftp connects and logs into the specified host, then enters an in-
teractive command mode.

This page can be found here and is about 1/3 of the way down the page.

look for openbsd's corporate usage page.

Too bad nobody is combining those with a SMTP engine that can see the messages comming in and accept them VERY SLOWLY. (ie.: 1 byte per second)

That's precisely what spamd daemon does. The -s parameter sets the delay for each character sent to the client by the specified amount of seconds. Defaults to 1. What OpenBSD 3.5 adds is greylisting.

It works by initially by "greylisting" e-mail from unlisted mail servers by sending a "451 4.7.1 Please try again later". If the server resends the e-mail within 4 hours, but minimum 30 min, the server is whitelisted. These timings can be configured, of course.

For now, this works very well for me, since few virii bothers to resend an e-mail, and the same goes for many spammers.

It works by initially by "greylisting" e-mail from unlisted mail servers by sending a "451 4.7.1 Please try again later". If the server resends the e-mail within 4 hours, but minimum 30 min, the server is whitelisted. These timings can be configured, of course.

For now, this works very well for me, since few virii bothers to resend an e-mail, and the same goes for many spammers.

It works by initially by "greylisting" e-mail from unlisted mail servers by sending a "451 4.7.1 Please try again later". If the server resends the e-mail within 4 hours, but minimum 30 min, the server is whitelisted. These timings can be configured, of course.

For now, this works very well for me, since few virii bothers to resend an e-mail, and the same goes for many spammers.

I do not believe OpenBSD has a software protected stack. However, given that OpenBSD runs on platforms which have hardware protected stacks, it does have the ability to guard against those kind of overflows. Just not on x86 hardware. Well, except maybe a version that runs on the AMD64 hardware...


From here:
(NOTE: i386 and powerpc do not support W^X in 3.3; however, 3.3-current already supports it on i386, and both these processors are expected to support this change in 3.4).

You can use a little-known feature of x86 called "segments" to enforce non-executability of memory areas. It's just different from the regular paging system used to implement virtual memory, and COMPLETELY unique to x86. You can find a discussion about it here. The links in the thread have some good info.

And if it's a GPLed CPU that you want, we've got those too.

That's not too difficult.

In keeping with OpenBSD's promo songs, the 3.5 release features a Monty Python-style sketch and song about CARP/pf and VRRP etc. Very funny stuff indeed. Lyrics and links to download the songs in MP3/OGG format at http://www.openbsd.org/lyrics.html

Building a complex application from source is not trivial. Not only must the application be compiled, but the tools used to build it must be built. Unfortunately, OpenBSD, the tools, and the application are all evolving, and often, getting all the pieces working together is a challenge. Once everything works, a revision in any of the pieces the next day could render it broken. Every six months, as a new release of OpenBSD is made, an effort is made to test the building of every port on every platform, but during the development cycle it is likely that some ports will break.

In addition to having all the pieces work together, there is just the matter of time and resources required to compile some applications from source. A common example is CVSup, a tool commonly used to track the OpenBSD source tree. To install CVSup on a moderately fast system with a good Internet connection may take only about ten seconds -- the time required to download and unpack a single 511kB package file. In contrast, building CVSup on the same machine from source is a huge task, requiring many tools and bootstrapping a compiler, takes almost half an hour on the same machine. Other applications, such as Mozilla or KDE may take hours and huge amounts of disk space and RAM/swap to build. Why go through this much time and effort, when the programs are already compiled and sitting on your CD-ROM or FTP mirror, waiting to be used?

Of course, there are a few good reasons to use ports over packages in some cases:

• Distribution rules prohibit OpenBSD from distributing a package.
• You wish to modify or debug the application or study its source code.
• You need a FLAVOR of a port that is not built by the OpenBSD ports team.
• You wish to alter the directory layout (i.e., modifying PREFIX or SYSCONFDIR)

Building a complex application from source is not trivial. Not only must the application be compiled, but the tools used to build it must be built. Unfortunately, OpenBSD, the tools, and the application are all evolving, and often, getting all the pieces working together is a challenge. Once everything works, a revision in any of the pieces the next day could render it broken. Every six months, as a new release of OpenBSD is made, an effort is made to test the building of every port on every platform, but during the development cycle it is likely that some ports will break.

In addition to having all the pieces work together, there is just the matter of time and resources required to compile some applications from source. A common example is CVSup, a tool commonly used to track the OpenBSD source tree. To install CVSup on a moderately fast system with a good Internet connection may take only about ten seconds -- the time required to download and unpack a single 511kB package file. In contrast, building CVSup on the same machine from source is a huge task, requiring many tools and bootstrapping a compiler, takes almost half an hour on the same machine. Other applications, such as Mozilla or KDE may take hours and huge amounts of disk space and RAM/swap to build. Why go through this much time and effort, when the programs are already compiled and sitting on your CD-ROM or FTP mirror, waiting to be used?

Of course, there are a few good reasons to use ports over packages in some cases:

• Distribution rules prohibit OpenBSD from distributing a package.
• You wish to modify or debug the application or study its source code.
• You need a FLAVOR of a port that is not built by the OpenBSD ports team.
• You wish to alter the directory layout (i.e., modifying PREFIX or SYSCONFDIR)