[ale] ALE NW presentation for this month
Matthew Magee
mnmagee at juno.com
Wed Aug 18 07:47:39 EDT 2004
OK, I'll be there around 7:30 with the hardware. Maybe even bring along
Smoothwall, IPCOP and Freesco for Mr. Bagwell and anyone else interested.
Greg wrote:
>Yes, I would be happy to help with an install of OpenBSD. The only part I
>have never done is connecting it to a modem (I am strictly Ethernet in the
>house w/ the only modems being Winmodems - 1 in a pc for an emergency and 7
>in a box in a closet).
>
>The instructions actually come with the CD's (along with an OpenBSD oriented
>soundtrack) for those that support the project. I use it for my public
>servers and a transparent bridging firewall.
>
>The big thing this year was the addition of CARP (from
>http://www.openbsd.org/35.html )
># New tools for filtering gateway failover:
>
> * CARP (the Common Address Redundancy Protocol) carp(4) allows multiple
>machines to share responsibility for a given IP address or addresses. If the
>owner of the address fails, another member of the group will take over for
>it.
>
> * Additions to the pfsync(4) interface allow it to synchronise state
>table entries between two or more firewalls which are operating in parallel,
>allowing stateful connections to cross any of the firewalls regardless of
>where the state was initially created.
>
>The only thing I have a problem with is the upgrading of installed
>ports/packages. It has about as many ports/packages as FreeBSD so you can
>make it a desktop or whatever you want. However, the default install has
>only SSH turned on. The team has done a code audit of the OS and the
>following programs:
>
>
>What is included with OpenBSD?
>OpenBSD is distributed with a number of third-party software products,
>including:
>
> * XFree86 4.4.0, unencumbered by a new license change; the X Window
>environment, with local patches. For i386, v3.3 X servers are also included
>for additional graphic chipset support. Installed with the x*.tgz install
>file sets.
> * GCC versions 2.95.3 and 3.3.2. GNU C Compiler. The OpenBSD team has
>added the Propolice stack protection technology, enabled by default, and
>used throughout the OpenBSD userland and by default on applications compiled
>on OpenBSD. Installed as part of the comp35.tgz file set.
> * Perl 5.8.2, with patches and improvements from the OpenBSD team.
> * Apache 1.3.29 web server. The OpenBSD team has added default
>chrooting, privilege revocation, and other security-related improvements.
>Also includes mod_ssl 2.8.16 and DSO support.
> * OpenSSL 0.9.7c, with patches and improvements from the OpenBSD team.
> * Groff 1.15 text processor.
> * Sendmail 8.12.11 mail server.
> * BIND 9.2.3 DNS server. OpenBSD has implemented many improvements in
>chroot operation and other security-related issues.
> * Lynx 2.8.4rel.1 text web browser. With HTTPS support added, plus
>patches from the OpenBSD team.
> * Sudo v1.6.7p5, allowing users to run individual commands as root.
> * Ncurses 5.2.
> * KAME IPv6.
> * Heimdal 0.6rc1 with patches
> * Arla-current
> * OpenSSH 3.8.1
>
>As can be seen, the OpenBSD team often patches third-party products
>(typically) to improve the security or quality of the code. In some cases,
>the user will see no difference in operation, in other cases, there ARE
>operational differences which may impact some users. Keep these enhancements
>in mind before blindly adding different versions of the same software.
>
>Of course, additional applications can be added through the OpenBSD packages
>and ports system.
>
>Greg
>
>
>
>
>
>>-----Original Message-----
>>From: ale-bounces at ale.org [mailto:ale-bounces at ale.org]On Behalf Of
>>Matthew Magee
>>Sent: Tuesday, August 17, 2004 9:24 PM
>>To: Atlanta Linux Enthusiasts
>>Subject: Re: [ale] ALE NW presentation for this month
>>
>>
>>Ahhhh! A volunteer! :)
>>
>>I've done it, but involved much head scratching and questionable results.
>>
>>Greg wrote:
>>
>>
>>
>>>It is really the easiest thing in the world. I have 4 of them
>>>
>>>
>>running and
>>
>>
>>>it works great.
>>>
>>>Greg
>>>
>>>
>>>
>>>
>>>
>>>>-----Original Message-----
>>>>From: ale-bounces at ale.org [mailto:ale-bounces at ale.org]On Behalf Of
>>>>alelist
>>>>Sent: Tuesday, August 17, 2004 7:36 PM
>>>>To: Atlanta Linux Enthusiasts
>>>>Subject: Re: [ale] ALE NW presentation for this month
>>>>
>>>>
>>>>Yeah, I'd like to see Open BSD installed by command-line only.
>>>>
>>>>On Tue, 2004-08-17 at 19:00, Matt Magee wrote:
>>>>
>>>>
>>>>
>>>>
>>>>>On Tuesday 17 August 2004 06:08 am, Geoffrey wrote:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>I do not have a presenter for this month. If anyone has
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>anything they'd
>>>>
>>>>
>>>>
>>>>
>>>>>>like to present on, please let me know asap.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>I don't have anything to present, but I do have an old box
>>>>>
>>>>>
>>>>>
>>>>>
>>>>(K6-2 500) and an
>>>>
>>>>
>>>>
>>>>
>>>>>OpenBSD CD. If anyone knows BSD fairly well, we can set it up
>>>>>
>>>>>
>>>>>
>>>>>
>>>>to see if the
>>>>
>>>>
>>>>
>>>>
>>>>>OpenBSD folks have any good ideas in there. Maybe see how the
>>>>>
>>>>>
>>>>>
>>>>>
>>>>other Open
>>>>
>>>>
>>>>
>>>>
>>>>>Source folks are doing.
>>>>>
>>>>>_______________________________________________
>>>>>Ale mailing list
>>>>>Ale at ale.org
>>>>>http://www.ale.org/mailman/listinfo/ale
>>>>>
>>>>>
>>>>>
>>>>>
>>>>--
>>>>Certified Microsoft-free e-mail.
>>>>
>>>>_______________________________________________
>>>>Ale mailing list
>>>>Ale at ale.org
>>>>http://www.ale.org/mailman/listinfo/ale
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>_______________________________________________
>>>Ale mailing list
>>>Ale at ale.org
>>>http://www.ale.org/mailman/listinfo/ale
>>>
>>>
>>>
>>>
>>>
>>>
>>_______________________________________________
>>Ale mailing list
>>Ale at ale.org
>>http://www.ale.org/mailman/listinfo/ale
>>
>>
>>
>>
>>
>
>
>
>
>
More information about the Ale
mailing list