Slashdot Mirror
OpenBSD 4.6 Released
pgilman writes "The release of OpenBSD 4.6 was announced today. Highlights of the new release include a new privilege-separated smtpd; numerous improvements to packet filtering, software RAID, routing daemons, and the TCP stack; a new installer; and lots more. Grab a CD set or download from a mirror, and please support the project (which also brings you OpenSSH and lots of other great free software) if you can."
Doing what others only dream... a scheduled release, early!
The story points to plus46.html which isn't useful for a general distribution announcement like this. Here's a much better choice (which includes a link to the plus46.html page):
http://www.openbsd.org/46.html
or
http://www.sigmasoft.com/~openbsd/archives/html/openbsd-announce/2009-10/msg00001.html
for the record, i submitted it with different links. plus46.html was originally linked from the text "and lots more." they "improved" the links in the story before they published it.
if i'm a grammar nazi, you're an illiteracy nazi.
I use it for my father's site-to-site VPN and the ease of configuration of OpenBSD's ipsec.conf makes it wonderful. It is highly reliable and, in the two years I have had it implemented it went down due to the failure of the onboard NIC in a Dell Server. I simply threw in a spare INTEL PRO/100 (em) and it was back up within 5 minutes.
When I looked at the release notes sent out by email, I saw this under "New functionality":
"httpd(8) can now serve files larger than 2GB in size."
I'm very surprised by this.
Rock solid, thought through and very conservative.
They have their niche and do their best to serve it as good as they can. I'm very glad that this project exists even though I don't use OpenBSD but various of its offsprings (OpenSSH/SSL, etc.) only.
Theo is a very controversial person but at least he keeps the project on focus and going. Congratulations for that and best of luck for the future.
I don't see myself using OpenBSD anytime soon but I know a few people that do and they are happy with it. So keep going, the community needs you!
A far more secure kernel. User-land wise, there is a lot of manual configuration to get things right which Ubuntu just does out of the box.
OpenBSD is certainly faster on a single core system on a dual core system the difference is not as apparent unless running extremely high loads. Hardware support on the other hand - When it supports your hardware, it supports it really well. When it doesn't support it, you're out of luck.
Change is certain; progress is not obligatory.
Can someone recommend a good platform on which to run OpenBSD which will consume the lowest possible power and let me run a Wireless-G and a Wireless-N NIC in master mode at the same time? I also need 100baseT[x]. Ideally it would run from fairly broad DC power (8-18VDC). I want to spend minimal money :) So far in the running are PC Engines, Mikrotik, and Soekris, in my current order of preference from most to least. I'm willing to have my mind changed, though. SD, USB, or CF storage, I don't care.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
My point was that OpenBSD is not a 'secure system', despite being quality code.
It provides no ways to limit or control the system, or to limit access if an attack does occur.
It is good practice to assume that an attack may occur, and be prepared for it.
I never said OpenBSD was snake oil, simply that it is not the secure system people seem to think it is.
And, no, you can't bypass RBAC with SUID bombs if it is set up correctly.
If you ignore ACs because they are anonymous - you're an idiot.