On Sun, Apr 26, 2009 at 10:43 PM, Jean-Francois <jfsimon1...@gmail.com> wrote: > I intend to use the box as a simple firewall so I do not intend to have > possible break into. The simple task is NAT rule
So this is nat + firewalling, not one task, two. > Sorry I don't understand. I have just simple questions. I believe what was implied is that most studies and other reports out there are either academicaly or commercialy driven. They basically have no ground in the real world. I certainly for one never take seriously a study telling me that this OS is the best based on the fact that it was tested against known thtreats. Security is as good as the admin behind it. The choice of OS is also driven by the admin and his associated skills. > Thanks for this clarification, agree, however the question is rather 'if > the web server is compromized, is the OS safe due to chroot' ? By OS I > mean the configuation files, etc ... Well, no. Chroot is a security measure along the way which by no means will keep you safe from crackers. I encourage you to actually do a bit of reading on the subject. To start with, from the FAQ (http://www.openbsd.org/faq/faq10.html), section 10.16 > Ok, would you please give me some sources of informations so I can learn > more about this. This is security 101, subscribe to dedicated security lists, read about good and bad advice and sort it out. From experience as a sysadmin, bad things happen to your servers too which help you understand where you failed and you can streghten your system and knowledge. > Ok understand. > No no, this is personal server and nothing else ;) So, the fact that your OpenBSD will have no local users beyond yourself is not enough to convince you to go with it? Take your pick then : http://www.distrowatch.com Cheers, Steph
