It is all personal preference.
Go with what you are comfortable with.
I like OpenBSD firewalling rules better.
I like the default sercurity policy configs better.
I like having IPSEC built into my kernel and tcp stack.
The man pages and documentation are better.
I find some things are more advanced than linux but Linux has
better driver support.
Realistically, an OS is only as secure as the proficiency of the admin
can make it.
A bad admin can make OpenBSD a rootshell waiting to happen and a good
admin can even make Windows secure.
Try it out and see how it fits your needs.
You don't go to Home Depot and buy a screwdriver to build with nails.
Don't treat your operating systems the same way.
NOTE: All of the BSDs except BSDI are freely available
so give a test drive to all of them. Don't get hung up on
the "I am most secure" penis waving between distros.
My .02
It seems like on Thu, Jan 11, 2001 at 07:11:33AM +0800, P-K scribbled:
Orig Msg> I have often wondered about this. I should just dig in and install a bsd box just to check it out.
Orig Msg>
Orig Msg> But what are the advantages that Open or Net BSD have over linux when talking about security and firewalls? I have heard this time and again and I am just currious as to the facts of the matter.
Orig Msg>
Orig Msg> JLF I know you use BSD what do you think?
Orig Msg>
Orig Msg> Thanks
Orig Msg>
Orig Msg> P-K
Orig Msg>
Orig Msg> -----Original Message-----
Orig Msg> From: "Furmanek, Greg" <
Greg.Furmanek@hit.cendant.com>
Orig Msg> Date: Wed, 10 Jan 2001 10:27:04 -0500
Orig Msg> To: "'
plug-discuss@lists.PLUG.phoenix.az.us'" <
plug-discuss@lists.PLUG.phoenix.az.us>
Orig Msg> Subject: RE: standalone firewall
Orig Msg>
Orig Msg>
Orig Msg> > From my experience to this day and reading a lot of docs I
Orig Msg> > still think that OpenBSD firewall is better than Linux 2.2.x
Orig Msg> > based. One very good thing about OpenBSD is the fact that
Orig Msg> > the os is shipped with encryption. If you use it as
Orig Msg> > firewall/router this may come handy for remote access.
Orig Msg> >
Orig Msg> > Another option I was looking at is using 2.4 kernel but it is
Orig Msg> > really fresh so I am going to wait for some updates and see what
Orig Msg> > the distribution vendors going to do. Another interesting
Orig Msg> > addition to using Linux as firewall is RSBAC which makes the
Orig Msg> > box really tight.
Orig Msg> >
Orig Msg> > I guess you just need to read a lot of docs on-line and decide
Orig Msg> > what you want to do.
Orig Msg> >
Jean Francois - JLF Sends...
President & CEO - MagusNet, Inc., MagusNet.com, MagusNet.Gilbert.AZ.US
MagusNet, Inc. - Design * Develop * Integrate
Director Of Managed Services - OpNIX,Inc.,
www.opnix.com
OpNIX - Simply Better Bandwidth
My Certifications:
http://www.magusnet.com/resume.txt
Doing my part to educate the Clubie Illiterati. One LART at a time!