Mark Minasi's Tech Forum
 
 
 


glenn faustino


New Friend (or an Old Friend who Built a New Account)
Posts: 21
#1

We did an OpenBSD workshop last April for a crowd of students and aspiring security professionals. We basically discussed using OpenBSD as a desktop and server OS.

 

http://issaph.org/34-successful-openbsd-workshop


__________________

glenn
C:\> Get-Shell | Where {$_.PipeLine -Contains "Objects"}

 

donoli

Senior Member
Posts: 496
#2
It's been said that OpenBSD is the most secure OS 'out of the box'. I installed it once & I could see why that's true. It's true because there is nothing running on the base install. So it has to be secure.

During the workshop, was any penetration testing done to demonstrate how secure it is?  For example, port scanning or exploits?
glenn faustino


New Friend (or an Old Friend who Built a New Account)
Posts: 21
#3


No penetration testing was done on it, although I said to them that they can use it as a target for their penetration testing training. We discussed the configuration of pf, dhcpd, unbound, httpd, and relayd...

 

Here are some slides about OpenBSD security mitigation techniques:

 

http://www.openbsd.org/papers/ru13-deraadt/

 

http://www.openbsd.org/papers/hackfest2015-pledge/index.html

 

http://www.openbsd.org/papers/dot2016.pdf


__________________

glenn
C:\> Get-Shell | Where {$_.PipeLine -Contains "Objects"}

 

donoli

Senior Member
Posts: 496
#4
It looks pretty comprehensive. When is the next workshop?

One more thing. A quick search showed that OpenSSH, which has some vulnerabilities, may be used for remote administration on OpenBSD. You might want to take a look at that.
glenn faustino


New Friend (or an Old Friend who Built a New Account)
Posts: 21
#5

That's the result of the Qualys audit on OpenSSH; it's been fixed.

https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt


No schedule yet for the next workshop.

 

 


__________________

glenn
C:\> Get-Shell | Where {$_.PipeLine -Contains "Objects"}

 
