OpenBSD Journal

Esoteric OpenBSD Implementations

Contributed by jose on from the gettin-jiggy-with-it dept.

francisco writes :
"If you've ever wondered how to set up OpenBSD + RaidFrame to set up a solely RAM based system, here's the How To . It's right next to the How-To for installing OpenBSD inside VMware on your WinXP box and have the OpenBSD instance firewall/NAT for its host.

I worked on the first in response to a previous article , and the latter b/c i like VMware. "

You have to admit, these are some pretty interesting setups.

(Comments are closed)


Comments
  1. By Anonymous Coward () on

    francisco, you are insane.

    this is really cool stuff. thanks for sharing.

  2. By Anonymous Coward () on

    Great post.

  3. By invaderzim () on

    using OpenBSD as a fw/NAT for Windows.

  4. By Eric Hacker () hacker.nospam@no.spam.vudu.net on mailto:hacker.nospam@no.spam.vudu.net

    The described set up, while very clever, still leaves windows open to attack on the local segment. With bridged networking on a single adapter, traffic between the systems will hit the local physical segment.

    On a hub, all traffic will be visible to all other systems on the segment. With a switch, the ARP requests and any other broadcast (like NetBIOS) will still be seen to all others on the segment.

    All one has to do to attack the Windows system is to use an address in the Windows assigned segment. This is not suffcient protection in a hostile segment such as for cable modem users directly connecting to the cable modem.

    This does protect against attacks from other networks.

    Peace

  5. By Anon () on

    For the RAMDisk implementation.
    Just an idea. Could consider setting up and storing the config files in 3 1/2 floppy with the source on CD-R. Can boot up and then still can change config by removing write protect on floppy.
    No hard drive needed. Intruder needs physical access to floppy in order to get root on this machine.

    Use in a dual-homed application firewall. Fun post.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]