Highest Voted 'openbsd' Questions - IT Security Stack Exchange

15

votes

5 answers

What is the potential impact of the alleged OpenBSD IPSEC attack?

Recently there is a bit of concern over encryption back doors in IPsec and while the status of this has not been confirmed, I don't know what impact something like this might have. For instance, does this mean that, since encryption on this layer…

asked Dec 15 '10 at 15:25

Incognito

5,204
5
27
31

14

votes

2 answers

Do any OpenBSD protections mitigate the damage from Heartbleed?

OpenBSD provides a list of substantial protections against exploits inherent to the OS. Most of these features are not found in other operating systems, or at least are not turned on by default. The list from the OpenBSD website linked above…

heartbleed openbsd

asked Apr 29 '14 at 13:28

Brian M. Hunt

537
1
3
16

14

votes

4 answers

OpenBSD vs. NetBSD security

If I search for the two words: OpenBSD and NetBSD on http://www.exploit-db.com/ then I get 17 hits regarding security bugs on OpenBSD, and 8 hits regarding security bugs on NetBSD. So what are the differences exactly, and how do NetBSD and OpenBSD…

operating-systems known-vulnerabilities unix openbsd

asked Mar 25 '11 at 10:13

LanceBaynes

6,149
11
60
91

12

votes

3 answers

How to best set up public WiFi without giving access to the rest of my network?

For reference, this is just for my home network. Anyway, I have quite a few of my neighbors ask me to share my internet with them. I'd really like to eliminate this "here's the password" portion though by just making my network publicly accessible.…

network wifi routing openbsd

asked Aug 24 '11 at 20:21

Earlz

604
2
6
15

12

votes

9 answers

Where to download OpenBSD release ISO's over HTTPS?

OpenBSD claims to be highly secure. So why doesn't it allow downloading the release iso's over HTTPS? Or I'm missing something? Can someone please explain this to me?

operating-systems openbsd updates

asked May 28 '11 at 09:56

LanceBaynes

6,149
11
60
91

8

votes

1 answer

Is receiving IPv4 connections on AF_INET6 sockets insecure?

The FreeBSD man page for inet6 has the following: By default, FreeBSD does not route IPv4 traffic to AF_INET6 sockets. The default behavior intentionally violates RFC2553 for security reasons. Listen to two sockets if you want to accept both IPv4…

ipv6 openbsd freebsd

asked Jun 20 '15 at 14:28

imgx64

1,370
2
13
10

7

votes

4 answers

Why do people use "burner phones" rather than Signal or similar solutions?

Why do people use burner phones rather than Signal or similar? I would imagine that if you are high value target the police or intelligence service would simply eavesdrop every phone call passing the base station nearest the location where you…

phone surveillance openbsd signal

asked Jun 08 '20 at 21:08

EmLi

171
5

6

votes

3 answers

Increase security without using "dynamic" kernel modules?

I recently read that NOT using loadable kernel modules could increase security. In my interpretation this consist about recomplying the kernel with only built-in kernel modules. (how to disable loadable kernel modules support? - in various os, like:…

linux openbsd

asked Jul 26 '11 at 06:44

LanceBaynes

6,149
11
60
91

6

votes

4 answers

In this case, does Virtualization gives more security?

A: running an OpenBSD machine with a httpd and a smtp server? vs. B: running an OpenBSD machine as virtualization host with QEMU having two guest OpenBSD system: one for smtp and one for httpd. Q: Which solution provides more security? For…

virtualization openbsd

asked Oct 01 '13 at 07:52

gasko peter

843
1
12
20

6

votes

2 answers

Is installing an old version of OpenBSD on an internet-facing server a security risk?

I have one specific package (moodle) which is not available on newer versions of the aforementioned OS. The last version of moodle was available on OpenBSD 5.3, which is more than 4 years old. Knowing of OpenBSD's impressive security track…

openbsd

asked Dec 26 '17 at 14:05

user166931

69
2

6

votes

1 answer

OpenBSD is implementing KARL. How does this improve security?

According to this article, OpenBSD is implementing a feature that will create a unique kernel every time a user reboots or upgrades his computer. It is called KARL, "Kernel Address Randomized Link". This works by relinking internal kernel files in…

linux kernel openbsd

asked Jul 07 '17 at 03:10

Digital fire

3,126
5
31
44

5

votes

1 answer

OpenBSD-based LiveCD/LiveDVD - is it secure? is it offical?

Does the OpenBSD LiveCD/LiveDVD get deeply audited like the original OpenBSD? Is it an official "port"? Experiences with it?

operating-systems unix openbsd

asked May 02 '11 at 10:19

LanceBaynes

6,149
11
60
91

5

votes

1 answer

OpenBSD, fbtab and X Window

The afterboot(8) man page of OpenBSD advises "You might wish to tighten up security more by editing /etc/fbtab as when installing X. " I would like to know what entries in /etc/fbtab would make sense for a machine that's used as a desktop for a…

operating-systems permissions openbsd

asked Oct 12 '12 at 02:19

Nicholas

86
2

5

votes

2 answers

Is there any safe OpenBSD desktop screenlocker?

Linux screen lockers don't seem so very secure, at least not in the past [1, 2, 3]. But is there any very secure OpenBSD screen locker? (Or perhaps OpenBSD uses the same desktop related source code as Linux and therefore would have similar…

openbsd

asked May 14 '16 at 08:55

KajMagnus

687
1
5
10

4

votes

2 answers

OpenBSD 32 or 64bit installer?

is the 64 bit or the 32 bit installer better? (not counting that if i have x>4 GByte RAM) - so i mean like is there any ASLR in OpenBSD? https://secure.wikimedia.org/wikipedia/en/wiki/Address_space_layout_randomization So that 64bit would be…

operating-systems openbsd

asked Mar 25 '11 at 11:19

LanceBaynes

6,149
11
60
91

Questions tagged [openbsd]