Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenBSD 4.6 Released

Posted by kdawson on from the onward-and-upward dept.

pgilman writes "The release of OpenBSD 4.6 was announced today. Highlights of the new release include a new privilege-separated smtpd; numerous improvements to packet filtering, software RAID, routing daemons, and the TCP stack; a new installer; and lots more. Grab a CD set or download from a mirror, and please support the project (which also brings you OpenSSH and lots of other great free software) if you can."

9 of 178 comments (clear)

  1. October 18th is also its birthday by wb8wsf · · Score: 5, Informative

    OpenBSD is 14 as of today.

    Today would be a great day for even a little gift. ;-)

  2. Re:Soft RAID? by rivaldufus · · Score: 4, Informative

    OpenBSD has had the RAIDframe driver for a long time. This releases is adding some sort of RAID 4 and 5 implementation.

  3. Re:OpenBSD pf by Dr.+Smoove · · Score: 3, Informative

    ah, that's super easy, have you ever even tried to read the docs? If 10.0.0.1 is a gateway that people are nat'd behind, something like block in from 10.0.0.1 to 192.168.0.0/24 in pf.conf, done. pfctl -n -f /etc/pf.conf to check that the grammar is correct, and pfctl -F rules -f /etc/pf.conf to reload the rules. If you mean you need to set up the openbsd box to *do* nating it's still pretty simple. All it takes is a quick look at the PF documentation.

    --
    "If you plant ice, you're gonna harvest wind."
  4. Re:Where's the song? by dayid · · Score: 4, Informative

    Right here: http://openbsd.org/lyrics.html#46

  5. ISO Policy Explained by nuckfuts · · Score: 3, Insightful

    OpenBSD's FAQ explains their choices regarding ISO images.

    I like to install OpenBSD from a floppy image - only 1.44 MB! I then choose an FTP mirror and install whatever parts I want on the fly.

  6. Re:openbsd kernel by Just+Some+Guy · · Score: 3, Funny

    *BSDs (all of them) still lack HA and failover clustering software.

    Ironic in a story about an OS release that features improved HA networking.

    --
    Dewey, what part of this looks like authorities should be involved?
  7. Looks like a typical OpenBSD release by fadir · · Score: 3, Interesting

    Rock solid, thought through and very conservative.

    They have their niche and do their best to serve it as good as they can. I'm very glad that this project exists even though I don't use OpenBSD but various of its offsprings (OpenSSH/SSL, etc.) only.
    Theo is a very controversial person but at least he keeps the project on focus and going. Congratulations for that and best of luck for the future.
    I don't see myself using OpenBSD anytime soon but I know a few people that do and they are happy with it. So keep going, the community needs you!

  8. Re:OpenBSD - not that secure... by Spit · · Score: 3, Informative

    OpenBSD's focus is preventing the exploits in the first place with many overflow vulnerabities in third-party software being non-exploitable on OpenBSD. After running it for 10 years, I trust OpenBSD's record. It has some of the best in the business probing it, and with the most serious flaw in years being a subtle IP6 attack, I think that trust is well founded. If you were to prove otherwise, I'm sure you would instantly be a big name in security.

    Although sound design, role security is added complexity which increases scope for vulnerabilities. From coding errors to implementation errors, complexity breeds insecurity. They also create a false sense of security: having implemented RBAC on Solaris I was initially impressed until I realized one could bypass it with suid bombs.

    OpenBSD's simple design and sound default permissions mean that even with a local account, it is very difficult to gain root access. The base system is comprehensive so usually there's little reason to go to ports to implement OpenBSD in its perimiter focused role.

    You would do well to back up your claim that OpenBSD is snake-oil.

    --
    POKE 36879,8
  9. Re:OpenBSD - not that secure... by atarashi · · Score: 3, Informative

    Well, I beg to differ (what else ;-)

    OpenBSD does help you, when something goes wrong:
    like for example with immuteable files, or append only files, so no one can delete your logfiles! At least you have the chance to look at what the "bad guys" did. Indeed a very fine feature for a logserver, isn't it?
    Or OpenBSD secure modes?
    Plus, you can put your WEB-Server in a jail, so *IF* someone breaks into your WEB-Server, well, the whole system is still NOT compromised.
    Jails work very well! Maybe even better the the comparative Linux stuff...

    And sorry, but SELinux is such a PITA, I've never seen anyone using it, mostly it is simply disabled, because it is the root cause of many problems.

    Yes, VMS was a great system, but it is even deader the the *BSDs ;-)
    No, really, Application support on (Open)VMS is not so great, and Drivers for many addon-cards are noexistent. So, even if it was (is) good, it is in no way mass compatible.

    To me, it seems you tried to put down OpenBSD in favor of something else (no namecalling, please!), but you failed, because your Points are rather incorrect.

    But, what should I say more, be happy with whatever OS you're running and may you never be hacked.