From owner-freebsd-chat Thu Jan 17 18:32: 7 2002 Delivered-To: freebsd-chat@freebsd.org Received: from torpy.unbc.ca (torpy.unbc.ca [142.207.144.60]) by hub.freebsd.org (Postfix) with ESMTP id 1E2D437B400 for ; Thu, 17 Jan 2002 18:32:04 -0800 (PST) Received: from ugrad.unbc.ca (ugrad.unbc.ca [142.207.112.20]) by torpy.unbc.ca (8.9.3/8.9.3) with ESMTP id SAA951431; Thu, 17 Jan 2002 18:32:02 -0800 (PST) Received: from localhost (karlj000@localhost) by ugrad.unbc.ca (8.9.3/8.9.3) with ESMTP id SAA20315; Thu, 17 Jan 2002 18:31:19 -0800 X-Authentication-Warning: ugrad.unbc.ca: karlj000 owned process doing -bs Date: Thu, 17 Jan 2002 18:31:18 -0800 (PST) From: Jeremy Karlson To: Nathan Mace Cc: freebsd-chat@FreeBSD.ORG Subject: Re: A CDROM based firewall----Which Os do i use? In-Reply-To: <200201172324.SAA04174@uce55.uchaswv.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > for those of you interested, what OS do you recommend as a good starting > point for a bootable, CDROM based firewall. seeing as how this is > freebsd-chat the obvious choice would be Freebsd. However seeing as a > firewall needs to be secure as possible, wouldn't Openbsd make better sense? > or would distributing it as a ISO image violate Theo's copyright? Go with Linux. Nah, I'm just kidding. :-) AFAIK, you are able to create (and even sell) OpenBSD ISOs. However, the original CD (and therefore its image) that the OpenBSD group creates is copyrighted, and you are not able to distribute it. But downloading the files, and creating your own CD (and selling that) is legit. At least, that's my understanding, and I have been wrong before. > also there is NetBSD. it would be nice for this project to support anything > with a cpu and cdrom. NetBSD would be an interesting choice, but really, do you need to support EVERYTHING? I mean, some things don't make good firewalls; my Dreamcast doesn't even have the capability to do so. If you feel that a lot of NetBSDs ports seem reasonable as firewalls, it might be a good choice. > what do you guys think? freebsd rocks, but sometimes there are other choices > that make more sense. If you're looking to stick to one of the BSDs, I think it's a choice between Open and Free. When they're both stripped down, I don't think that security will be much of an issue on either. In my experience, FreeBSD is slightly faster, so if you're targeting low-end (like 486) machines, it might be better. FreeBSD also has more hardware support, I think. (That's just a guess, but last time I looked into Open I thought it was true.) But OpenBSD does have a few ports that WOULD make sense as firewalls, such as Sparc and PPC, so that's an advantage for it. I think what really needs to be done is you need to get together with people you want to work with, and determine what your goals are. When you have those, the OS of choice will select itself. (BTW, whichever route you choose, I would be interested in helping, if nothing else by doing a little testing. I'm not much of an OS hacker, but if I've got the time, I'm willing to give some work.) -- Jeremy There is a fly on your nose. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message