Domain: openbsd.org
Stories and comments across the archive that link to openbsd.org.
Comments · 2,959
-
Re:Alrighty.
A Web service provider can expose their system (programmed using .NET) using SOAP and UDDI and then you can leverage those services through your site/application very easily.
That only scratches the surface but the idea behind Web services is to create an Internet where it's easy to combine services from different vendors/suppliers to create your own Web applications.
This actually sounds useful. What open source alternatives are there that provide similar functionality? Does anybody know of a good web page that suggests open source alternatives for each of the different aspects of .NET? I could use this for a project that I'm working on right now, but I need software that is cross-platform (and not in Microsoft's definition of the term "cross-platform" - I want to run it on OpenBSD). I could also use a .NET comparison page to link to from my Microsoft Alternatives page which is in desperate need of updating. -
To everyone saying, "you can mirror the binary"
The GPL only applies to the GPL'd code. Nothing is to stop Libranet from including non-GPL code on the distribution. If Libranet includes something which they have an exclusive license to (it could even be a poem by the CEO's daughter), then they can prohibit you from redistributing that.
You are, of course, free to take the GPL'd programs and make your own ISO, but you cannot necessarily redistribute their ISO.
Consider this from http://www.openbsd.org/faq/obsd-faq.txt:
3.1.2 - Does OpenBSD provide an ISO image available for download?
You can't. The official OpenBSD CD-ROM layout is copyright Theo de
Raadt, as an incentive for people to buy the CD set. Note that only
the layout is copyrighted, OpenBSD itself is free. Nothing precludes
someone else to just grab OpenBSD and make their own CD.
Of course, OpenBSD isn't under the GPL, but the same thing would seem to apply. The location of the files, or the release notes, or whatever, is not a derived work from GPL'd code, so it doesn't have to be redistributable. -
Re:Should we trust space flights to open source?
OpenBSD is done by a group of volunteers (for the most part) and the quality of the auditing isn't anywhere near high enough to where you should put lives on the line.
Anyone who reads The OpenBSD Errata could tell you while they do a good job for an open source project, I certainly would not want any lives riding on the security of it.
-
Patch...
I managed to find a patch. You can download it here.
Kidding, kidding. But only half. Maybe not even half.
-
Re:Is this a Good Thing(tm)?
The problem with this project, and indeed most Open Source gaming projects, is that it becomes too easy for people to cheat. As opposed to, say, the kernel of Linux, where every change must be pored over by the Kernel Keepers (tm), in this game, somebody could commit a CVS change with nobody knowing the difference.
Actually we have very good CVS discipline in the project. Each part has a clearly defined owner, and commits that are made with the owner's consent will not be accepted, though this has not yet been a problem as far as I am aware. There is only one component of WorldForge that has as many as 5 people working on it, and that is the next generation server. As for closed source, I think most of us have ideological objections to that.
We have looked at the articles written by Theo and co. over at OpenBSD and will be looking at applying these review methodologies once our code is a little further along, and more functional. Maybe we are never going to be as secure as OpenBSD, but we hope we can be secure enough to run a decent game.
Our security model is based on a totally untrusted client, which is the only sane approach possible, and we hope will keep the number of possible exploits down, maybe even lower than proprietary systems which trust the client.
-
NSA (Never Saw Anything)
One of the things concerning the NSA's release of SE Linux is, in some instances, they complain that terrorists, and criminals are hindering their (the US Government) efforts to investigate, and or monitor crimes, and they go and release this distribution of Linux.
Think about that for a quick second with an open mind if you will, and look at exactly what was said in this article
CIA director George Tenet said individuals such as Osama bin Laden - the man alleged to have been behind the 1998 bombings of US embassies in East Africa - are using the internet to cloak communications within their organisations. "You recruit people on internet sites and you use encryption," Tenet said. "You move your operational planning and judgements over internet sites' use of encryption. You raise money."
If things are so bad for NSA officials to keep tabs on terrorists and the way they commit digital crimes in association with their acts, then why would they release an OS that could further help these terrorists hide/secure their data. Sure you can look at this post and claim it's a conspiracy of some sort to point out these findings, but let's take a look at how many 1k bytes of code could be inserted throughout the SE Linux OS to have them somewhere down the line be combined in order for the NSA to open a backdoor of some sort.
Bin Laden inspires particular alarm in the US. National Security Agency chief Mike Hayden says his own organisation is "behind the curve in keeping up with the global telecommunications revolution", which bin Laden is able to exploit. Hayden blamed this gap for the US's failure to prevent the 1998 embassy attacks, which killed 224 people.
We all know about the OpenSource arguments and whether or not OpenSource solidifies security, the fact remains, no one has gone line for line on the NSA's code for SE Linux to determine whether or not they've done something shady to hide their underlying actions for creating this OS.
Now back to the OS in general, I would like to see a comparison between say SE Linux vs. OpenBSD, or SE Linux vs. TrustedBSD. Personally I would opt for OpenBSD, as Trusted is an overlay for FreeBSD.
Again, one should wonder about the facts, the NSA claims people like Usama bin Laden and Fidel Castro are giving them headaches with technology, and yet they release something which could help them? Typical politics wouldn't you say. Hey, here's some thoughts to consider for NSA naming conventions this millennium.
Newer Stealth Arrangements
Never See Anything
Next Superpower Agency
New Snooping Applications
Nothing's Secret Anymore
while($information =~ /[a-z]['")]*[.!?]+['")]*\s/g) {
$conspiracy++;
}
print "Your $information is filled with $conspiracy theories\n";
Where in the world is SpeedyGrl -
Policy policy
In the largest criminal Internet attack to date, a group of Eastern European hackers has spent a year systematically exploiting known Windows NT vulnerabilities to steal customer data.
There's not much to study, if Microsoft took the initiative and released secure products from the beginning this wouldn't have taken place. Take a quick look at the wondrous task developers at OpenBSD have taken in releasing a secure OS. All this and theirs is a free operating system with the minute amount of resources as MS.
The FBI and Secret Service are taking the unprecedented step of releasing detailed forensic information from ongoing investigations because of the importance of the attacks.
Can someone explain the legalities of the FBI getting involved at crimes that occur from European or other places around the world, when they seldom contend with the issues we have here. What exactly can they do to someone say in the Philippines which we've found has no laws regarding computing, as was shown with the Melissa virus creator.
Within a day or two, the Center for Internet Security will release a small tool that you can use to check your systems for the vulnerabilities and also to look for files the FBI has found present on many compromised systems - indicating your system may have already been compromised by the attacker group.
I think I would pass based on experience with using anything the government has their hands on. Call it paranoia, but I know how to download my own patches, which I don't have to since I don't use MS products.
Now as to why admins don't install patches, it could stem from a lack of knowledge regarding security, they're too busy assessing everything else and are understaffed, or they're simply lazy BOFHs who think that it hasn't happened to them and probably won't. Bad move. Being in the industry for such a short time, I've seen the attitudes to be "I have a firewall" or "We're a small company so it won't happen." This is what kills me, is that when the sh## hits the fan, many could've avoided the situation by applying a patch that would've taken no time at all.
I understand companies have networks the size of small counties, but I think their workers should take the initiative and secure their networks as a matter of unofficial policy or principle. Otherwise it's not a cracker's fault (crackers will be crackers) but their own ignorance.
Request for Comments on Script Kiddiots -
Re:Sounds more like FUD...
I'm no MS shill (I'm typing this from my OpenBSD laptop running lynx) but I will say that MS office runs pretty well on my 128MB, Win2k, 300MHz AMD box at work. Even 96MB is OK for Word, Outlook, and a couple of MSIE windows (home PC).
It's a standard slashdot line that Office is bloatware and a pig. I happen to find Word pretty snappy (surprisingly so). I found StarOffice and WordPerfect almost unusable on similar hardware.
Of course, server apps are another matter-- give me Apache/PHP4/Python/PostgreSQL on the above hardware over IIS+MS-SQL+ASP (cringe) any day!
---
In a hundred-mile march, -
Re:Cool
md5sum is a hash, meaning that it's a one way algorithm (it's believed impossible (very difficult) to get back the original text from the hashed text). Rijndael is a symmetric cipher, with a variable key length, meaning that, given knowledge of the key, it is trivial to get the plaintext (that's the whole point of it :). I'm not sure if Rijndael can be easily made into a hash (I would guess it could- maybe encode "" using the cleartext as the key?)
On a somewhat unrelated sidenote: OpenBSD uses blowfish (by default) to encrypt passwords (cat /etc/passwd.conf). So I would _guess_ that it's apparently easy to transform a symmetric cipher into a hash. Although- I'm not a crypto expert. Although I have no idea on the relative security provided by Rijndael and MD5, I think Rijndael is considerably better, but that MD5 should suffice for typical systems. -
No! Never!
Man pages are extremely adequate for almost every purpose, and most software. There are a few reasonable criticisms, and a lot of unreasonable ones... here goes:
- There's no hyper-text linking! Not entirely true. Because references to other man pages are in a standard format, it is trivial to compute references... there are perl scripts out there that turn troff(1)-formatted man pages into HTML with useful links to other man pages reliably and easily. It wouldn't be difficult to forego HTML completely, and simply rewrite the man(1) program to handle these links. In fact, with a slight change to the manner in which references were made, you could even specify sections of other man pages easily, since the sections are standard.
- Man pages don't give useful information! This is an amalgamation of a few complaints, actually - that man pages only discuss commands and APIs, for instance, that they don't include examples, etc. This is not relevant to man pages, but certain operating systems' man pages. If you look at OpenBSD, there are man pages that discuss general issues involved in VPNs(8), IPSec(4), and even general introductory information (afterboot(8)). Man pages suit this sort of topic treatment reasonably well, and lead to more centralized documentation (a real win!).
- You can't print good books from man pages! OK, true enough. Info, DocBook, etc. are well-suited for writing general books intended to teach. However, trying to use Info or DocBook documents as references is unpleasant, and involves a lot of poking around for just the link. They essentially serve a completely different purpose.
For Gnome, there's no reason to not rely upon something standard like man (or even info) over HTML, when man and info translate much better to HTML than vice versa.
-
Re:I like man pages...
How hard would it be to write a script to replace "man", in say, perl, and this script would perform the function of converting man pages into browsable HTML pages (using Lynx?) or automatically use Lynx if the page is already in HTML, or if the page is info based, convert that? Something like this should be possible.
-
Why not jump ship?
Why not migrate your Linux/PPC boxen to the powerpc port of OpenBSD?
-
Re:For Some Reason...
Do the Karma whore dance!
You can order an OpenBSD CD from here: http://www.openbsd.org/orders.html.
And btw, I recently switched from Linux to OpenBSD 2.8 on my world-visible box. Like the article said, because it's secure by default, I don't have to constantly keep up with BUGTRAQ to make sure I'm not going to get whacked. My personal computer is still Linux though. Different tools for different jobs.
-
Re:another disadvantage is the lack of sftp
Actually, sftp support was recently added (it's available in the 2.3.0 version I just finished putting in all my servers ;-) -
Re:What do you want it to do?
Actually, if security is your #1 concern, OpenBSD is your best candidate. Speed appears to be the FreeBSD specialty.
Also, consider QNX if you are looking for embedded technology or real-time operating systems. (it's FAST!) Try their 1.44 MB floppy---it boots up, presents a GUI, a modem-detector, a webbrowser with Java, and a few games!
If you're looking for an OS to tinker with, consider playing with Atheos, which is similar to BeOS in design (C++ object-oriented desktop operating system). I'm interested in supporting this project myself at some point when I have free time again.
As for myself, I run BeOS, FreeBSD and sometimes QNX on my personal box, with an OpenBSD server/firewall right next to it. I find that OpenBSD puts the network first all the time; Linux-using friends of mine commented once that they tried to burden it and found that it was serving X windows applications faster than their computer could keep up. This is a Pentium 233 w/ 128 MB ram and a 27.2 GB hard drive we're talking about, not the Athlon 750s with 256 MB of RAM my friends are using. And that's in addition to serving Samba, Squid (1GB!), FTP and SSH all at once. OpenBSD's in-fucking-credible. Mad props to Theo, the man is my God.
For my desktop though I'm mainly running BeOS because it pretty much does everything I need in a box that's not quite as network-aware as I would like (smb's manual still, X isn't supported in a real way yet). But it's a snappy interface that can multitask like you wouldn't believe, incredibly efficient and beautifully designed. Coding for it is fun too. It's all you could ask for, except for improved networking which is in the works and perhaps some UNIX odds and ends, like X support or serving. It's not a server OS. It's a desktop.
QNX would be fun if they would supply more packages with it. Lots of UNIX doesn't seem to compile right under it though; I'm not sure what the problem is, because QNX is considered a UNIX more so than BeOS and it has more problems compiling POSIX code. All I know is, QNX is the fastest UNIX on the planet, it feels like it's got to be at least 95% assembly to be so damn fast! And it has a fairly rich API for the GUI (Photon), though it is C-based.
OS's are somewhat of a hobby of mine; I'm downloading Solaris 8 Intel as we speak to try it out. I would say that the worst thing you can do is get stuck in a rut, unwilling to try anything out. I was a Linux-Mandrake devotee for a long time before last year; since then I just got sick of seeing the same screen all the time. More knowledge is necessarily better; I have complete config files for blackbox, AfterStep, and FVWM2, also used Sawfish/GNOME for a bit. Always try new things; the OS world is richer now than it has been in years thanks to the free software movement. Don't become a zealot if you can help it; it stops you from being open-minded.
Daniel
-
OpenBSD's chrooted bind?
OpenBSD chroots bind and changes the UID, this seems to have paid off.
-
Re:Avoiding This Altogether
There's a nice, if short, checklist at http://www.openbsd.org/porting.html#security
-
Re:OpenBSD Immune
This is not true. OpenBSD have of course merged the required fixes already, and they can be found at:
OpenBSD 2.8 http://www.openbsd.org/errata.html
OpenBSD 2.7 http://www.openbsd.org/errata27.html
The rebuild and install is trivial.
-- -
Re:Its about time they took a second look at LINUX
Until October 4, 2000, OpenBSD's Website read "Three years without a remote hole in the default install!" and "Two years without a local hole in the default install!" The second part was dropped on October 4th (5th, maybe) when a local hole was found in chpass. It still has been three years since the last remote hole in OpenBSD, which is fantastically impressive. OpenBSD (and all BSDs) is open source. The reason that more security issues are found in Linux is that there are more security issues in Linux. OpenBSD has proven nearly impenetrable in its default install. It is amazing and the other BSDs are very secure as well. GNU/Linux is a great system, and many distros are pretty secure--certainly more secure than windoze, but Linux does not compare to BSD in terms of security, as far as I know. The Linux kernel generally is released more frequently, but OpenBSD is updated daily and currents can be obtained pretty easily. Distributions (the whole system) are generally not released more often than biannually, which is how often OpenBSD (the whole system) is released. OpenBSD was audited for security problems and is just that secure, it's not just that more people look through the Linux code.
-
Open Games platform
The Dreamcast is going to beat Indrema in becoming the first open-source (I know, but I want your attention) gameplatform. OpenBSD is, as far as I can tell from the mailing list, near to support the ethernet adapter. NetBSD might be a strange platform for SEGA to have running on its hardware, since NetBSD's license states that you can redistribute binary only. But once the driver is done, it will also (my guess) be available for you Linux guys ;) Somebody write an X server for it, and I'm in. (It will even be supported by kylix) -
Re: The first step to making this useful
Would be to wipe the stinky Linux and install OpenBSD PowerPC
-
Re:sp?
-
Re:Obvious
-
Re:Off by default
I'm not sure what the problem is. There is a fix - it's called OPENBSD. You have to enable services on your own. Wonder why they haven't had an attack go through on a regular install in 3 years? Hmmm
-
Re:If this were IE
ie3 was funky. Stylesheet support that still beats ns4.?, a javascript runtime that was complete and almost bug-free, and frigging skins before Winamp.
Pity everyone I knew at the time used NS in all its insect-ridden glory -- writing for it was a waste of time. Gah.
And then I moved onto grown up OSes that even Netscape don't ship binaries for, so that was the end of IE for me. 'S kinda hard to develop for a browser when you can't even emulate the system calls it makes...
ie4 was good. The best DHTML out there, the original DOM... 5 is bulky. I prefer NS on win32 at the moment, purely in terms of non-bloatedness.
Ah well. Still must be patient. Did you know Brendan Eich isn't brendan-at-netscape-dot-com anymore, but brendan-at-mozilla-dot-org ? Netscape isn't The Company any more... -
Re:hmm
Usually buffer overflow exploits make use of the fact that the majority of them occur in dynamically "auto" allocated memory, memory allocated on the stack for a function's local variables. For instance:
    #include <stdio.h>
    #include <stdlib.h>

    int getnextnumber(FILE *fp)
    {
        char line[100];        /* 100-byte buffer on the stack */
        fgets(line, 200, fp);  /* the bug being described: size 200 exceeds the buffer */
        return atoi(line);
    }
(I may have got the parameters in the wrong order above, don't flame me, it's the principle that I'm trying to describe)
In the above, the programmer has allocated a 100 byte array for input of a number, but has called fgets to read a line of up to 200 characters. So a 101 byte line will overflow the buffer.
With the way most C compilers on most platforms allocate memory, the same stack is used to store the return address to jump to when the function has completed executing as the data itself. Therefore, a buffer overflow exploit needs to put code in the buffer, work out where that code will be when the function is executed, and overwrite the return address with the address of that code.
It's not easy but a number of factors can help a hacker in this situation, usually that once compiled for a particular platform, on 32 bit platforms at least, the function will normally always appear in the same place in memory, and when the program is running, if you're careful about the conditions under which you feed it bad data, you can make a reasonable assessment as to where the stack will be when it's called.
The majority of UNIX hacks I've seen on the BugTraq lists are buffer overflow exploits, and from what I recall, they're the major ones the OpenBSD team are constantly on the lookout for. So it's a real problem, and assuming the Shockwave overflow is predictable as described above (or requires little overflow anywhere else to overwrite code or a return address), it's credible someone might use it.
So don't run Netscape as root. Unless you're a Windows 9X/Me user of course, where you don't have much choice...
-- -
Some responses:
*) telneting as root is considered bad. Please replace telnet with OpenSSH. It encrypts things so that people can't spy on your sessions. If you want an example, learn how to use tcpdump, and see what happens. It's also a good idea to not ssh as root so that it requires another level of passwords to get total control over your box.
*) Nobody is a generic dummy account on most UNIX systems. Its purpose is to allow you to run various daemons under the lowest privileges possible (that of a user which can't login and doesn't own any files). A better practice is to create one user account per daemon, and have it own only the files it requires to write to.
*) -- MARK -- is a generic placeholder put there every n amount of time (the default is 20 minutes.. man syslogd for more information).
*) DENY and REJECT act slightly differently. If you are going to utterly blackhole a machine, or simply want to eat packets coming in, DENY is the option you want. REJECT simply sends back a connection refused packet (for TCP, UDP and other protocols have slightly different packets). If you're going to be filtering TCP ports, use REJECT -- DENY will show up as 'filtered' on nmap and any other quality scanner which notes the lack of a reply packet (despite the host being up).
*) OpenBSD is an audited branch of the BSD family tree. This code can trace its lineage back to the original UNIX code. For many people, it's a great replacement for Linux on their firewalls because it's simple to setup, and secure out of the box. If you require SMP, or are going to be doing things like high volume web traffic, you may want to review the performance of it vs. Linux, or combine them via firewall + proxy network setup.
If you have any other questions, head to #kuro5hin on slashnet (or irc.kuro5hin.org if you don't know what slashnet is ;)). We'll help you out.
-- -
Source Revelation a Security Compromise?
What surprises me is that they deem a revelation of source code a security risk. That, if anything, shows a lack of faith in OSS.
As much as it may chagrin me to admit it, Microsoft has some thirty-five thousand people working for it, and while they may not be able to or want to audit their code in an OpenBSD-like manner, I am sure they have an entire security department. And I am also pretty sure that they know that security through obscurity doesn't work.
My point, and I do have one, is that Microsoft does have its stuff together, to a certain extent. W2K and NT4, while not suitable for an Internet server, do well in a Microsoft only Intranet environment. If the government gets scared because of 9x or NTKRNL code being let out, what must they think about things whose code has always been available? Yes, it allows for public contributions and improvements, but it also allows for public analysis, scrutiny, and discovery of bugs.
Definitely not a Karma whore,
Mike "My Bucket's Got a Hole in It" Greenberg -
Definitive guides on Linux/BSD laptops
Okay, here are the links you'll need when picking out a free software laptop:
Linux:
http://www.cs.utexas.edu/users/kharker/linux-laptop/
http://www.linux.org/hardware/laptop.html
FreeBSD:
http://www.cse.ucsc.edu/~dkulp/fbsd/laptop.html
http://www.jp.freebsd.org/PAO/LAPTOP_SURVEY/index.html
OpenBSD:
http://www.openbsd.org/i386-laptop.html
http://www.monkey.org/openbsd-mobile
NetBSD:
http://www.reedmedia.net/misc/netbsd/laptops-and-netbsd.html
http://newsletter.toshiba-tro.de/netbsd/
X window system LCD configs:
http://www.sanpei.org/Laptop-X/note-list.html
http://www.sanpei.org/Laptop-X/Laptop-X/
Notebook survey for graphics/PCMCIA
http://hci.ucsd.edu/dsf/notebooks.html
If anyone has any other links for other free software OSes, please post them :)
--posted anonymously to avoid karma whoring. -
Re:Dont just assume. Audit it yourself
That review alone could improve Linux security to possibly surpass that secure BSD distro (netbsd?)
I think you're thinking about OpenBSD.
[TMB]
-
Re:Plex86 and windows device drivers
There are good examples of this already. UAE is an Amiga hardware emulator, which runs AmigaOS and AROS (I'm hoping to try OpenBSD on it soon ;) It passes through serial and parallel port access.
Harder would be CDROMs and other such devices. Especially in Multi-User secure environments. You would have to open up permissions on a variety of devices to allow Plex86 to use the passthrough if it were running in an unprivileged user's process.
Definitely a good thing, if you can get it, though.
-
Re:Linux Security
> One incident is the one at University of Washington Medical Center where a hacker gained access to thousands of medical records and confidential patient data.
What's up with that? Don't they have the funding to get themselves a decent sysadmin?
IMHO if you have data to protect, then either hire someone who knows how to make a system secure or don't use the system at all.
If neither of these is acceptable, then there's only one thing to do: openbsd.
Just my 2cents. -
Re:The 2.8 Blowfish
Ask and you shall receive :) -
Re:About a secure ports tree
There's an issue or three here that I think you might be missing.
OpenBSD, like all the BSDs, is maintained as a coherent system. They want to replace strncat with a less error-prone function, and change everything in the system to use it? Done. The ports tree is considered explicitly separate from this ``system''.
Second, nothing that is not essential will ever be included in that base system unless it's BSD-licensed.
The ports are considered untrusted by nature, so there's no issue of Theo or anyone else trusting your code audit.
GNUstep is an application, and I don't know its licensing terms but I think I could probably hazard a guess. If you want it to be part of the base system, then you're just SOL. If you want it to be a port, then there's almost nothing stopping you. Read the documentation on creating a port. Be aware that the port system is a bit of a moving target, so join the ports mailing list. Don't forget to search the archives before posting any questions.
Theo himself very rarely gets his hands dirty with the ports system; you'll learn who his generals are if you stay on the mailing list.
-
Re:Important Clarification and Comment
I'm actually pretty confident that OpenBSD tracks the changes they make, but those changes (I believe) are to the overall package that is OpenBSD, not to the individual files.
Huh? You know what CVS is, don't you?
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/named/named/ns_resp.c
> > I don't think you understand how they package up their releases. It
> > isn't like Red Hat or Debian, i.e. there are no individual packages
> > like perl-5.003-666 or nethack-23-skiddoo.
>
> To which I reply:
>
> ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/sparc/
Again:
http://www.openbsd.org/cgi-bin/cvsweb/ports/net/ntop/ -
SMP Status
Earlier in the year it was announced that SMP support was being developed. On the web site it states, "SMP (Symmetric MultiProcessor) support is not yet in OpenBSD, but there exists a project, started in February 2000, to bring said support to at least the i386 and sparc platforms." What is the current status of SMP and are you targeting a specific release for it?
-
New Miss Blowfish Logo
Thanks for OpenBSD, Theo. It runs my firewall.
I love the cute new version of the blowfish logo! From the file name, it looks like she's called "Sushi".
So my questions are (a) Who is the artist, and (b) When will there be a T-shirt with a picture of Sushi printed really big?
Torrey Hoffman (Azog) -
Re:University of Alberta
www.openbsd.org is just a mirror on a SUNsite (hence the Solaris) done as a favor to the OpenBSD project. www.usa.openbsd.org and openbsd.groupbsd.org both run OpenBSD. openbsd.rt.fm has just been added. Note: www.usa.openbsd.org is run from Canada (assumedly by the project itself), but I was unable to determine the locations of the other OpenBSD sites, although their IPs are similar. The SUNsite running openbsd.org is also in Canada.
-----
#cd / -
Re:Two *real* questions
1. Take a look at smp.html. I386 and sparc, and hopefully ppc now that SMP is mainstream on that platform. Note that SMP on alpha would likely only come after the alpha port were revived (regarding which there has been some talk, but I don't know how much code).
2. Take a look at sparc64.html.
-
Re:Time warp
On another note, what's your feeling about commercial use of OpenBSD?
The OpenBSD team is happy to have the commercial use of OpenBSD... a quote from their web page: "OpenBSD encourages companies and independent developers to create products for use with OpenBSD, or based on OpenBSD itself."[1]
They may or may not implement "X" for you though. I would imagine that if what you want is of general interest to everyone, they would probably do it for free; if not, you could contact some of the developers on this page, and they would probably be happy to help you out... for a price.
[1] taken from http://openbsd.org/products.html
-