On Tue, Sep 06, 2005 at 12:04:14PM +0100, Michael.Dillon@btradianz.com wrote:
yes, it is. we can further dicuss that in private if you wish; however, claiming OpenBSD is just more vocal about security is just far off reality, and that had to be put in perspective.
The real question is not whether other BSDs or other Unices are following OpenBSD's lead. I'd like to know how many embedded systems (routers and switches) are implementing similar "hardening" techniques.
Well, I sort of gather that the implication was "all the ones that are embedding OpenBSD". ;-)
The Internet runs on embedded systems and although many have their roots in Unix, they don't seem to have adopted many of the security techniques that are used in C2 or CAPP certified systems.
Quite so.
The details that Henning posted are useful to list members who are writing RFPs for new network gear. Even if vendors can't meet these requirements today, it is good to let them know that people seriously want secure operating systems on their routers and switches.
Ah yes, the most important requirement: informed, vocal users. The more you spend per year, the better. Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Designer +-Internetworking------+----------+ RFC 2100 Ashworth & Associates | Best Practices Wiki | | '87 e24 St Petersburg FL USA http://bestpractices.wikicities.com +1 727 647 1274 If you can read this... thank a system administrator. Or two. --me