OpenBSD Journal

Cleaning up the back yard (with OpenBSD)

Contributed by mitja on from the an-OS-even-your-mom-would-love dept.

An alert reader reported that a recent SANS Institute White Paper describes using OpenBSD and a variety of open source software to protect your parent's home network.

It is possible to clean up the back yard with Free Open Source Software and a little design. Using off the shelf components and Open Source software the family geek can deploy a more multilayered security stance that will provide far more visibility and control over the network. This is not to say that large swaths of the Internet can be cleaned up just by plugging in a box, but to say that if anything should be a safe haven on the internet, it should be the family network, the backyard. It makes sense to clean up the backyard before taking on the worlds trash.

Read the whole paper here [PDF - 915KB].

(Comments are closed)

  1. By Andrew Dalgleish (ajd4096) on

    Don't edit /etc/rc.conf - edit /etc/rc.conf.local

  2. By Dean ( on

    Great article, in addition what I would like to see is a port of the DShield client, which would increase the exposure even more.

    1. By Anonymous Coward ( on

      You know what you have to do.

  3. By Srikant ( on

    Try HAVP instead of squidclamav. I got better performance with it. It is in the ports now.


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]