“So you want to build a firewall, but aren’t quite sure what
to use? You might want to consider OpenBSD, an secure offshoot of
the BSD family. From the beginning OpenBSD’s entire purpose has
been to be a secure operating system. In order to achieve
this, the OpenBSD founder (Theo de Raadt) started a code audit
project, pretty much every single line of code in OpenBSD has been
checked, and many problems were found, and fixed. In addition to
this OpenBSD is based out of Canada, which allows for the inclusion
of strong cryptography software with the OS. One prime example is
the planned addition of OpenSSH, based off of SSH 1.2.12, in the
next release of OpenBSD (2.7, this winter or so). OpenBSD also has
a slightly better network stack then Linux (at least 2.2.x Linux),
applications such as Network Flight Recorder, which take large
volumes of data off of the network simply do not work well under
most operating systems. Many of the commercial IDS systems use
OpenBSD as their OS of choice.”
“You can buy OpenBSD on CDROM, and this is probably a good
choice for several reasons. One you are getting the OS on trusted
media, you can verify the package signatures, and be sure that
nothing strange has been done to the software. You also do not need
to download OpenBSD, which depending on your network connection can
be tricky (I’m lucky, my ISP has a 10 meg peer link to the UofA
which hosts ftp.openbsd.org). Also by buying the OpenBSD CD’s you
are supporting their effort, which is a nice thing to do. Once you
have OpenBSD you can boot off the CD, or create a bootable floppy
disk and use this…”