OpenBSD Journal

OpenBSD named best firewall by a Windows newsletter?

Contributed by sean on from the the pot calling the kettle awesome dept.

Noryungi writes:

This has been announced on Daemon News: OpenBSD has been named best firewall for Windows machines, by a Windows newsletter. The only problem is, of course, that OpenBSD is an entire Operating System, and not just a piece of software for Windows... See link for more details.

(Comments are closed)

  1. By Anonymous Coward ( on i don't believe being windows software was part of the criteria. check out openbsd's competitors.

    1. By Anonymous Coward ( on

      It seems like a reasonable award to me. Do we really need a firewall with all the features of Pf to protect our OpenBSD boxen? Generally speaking -- I'd have to say no =) It only stands to sense that the main purpose of most firewalls is to provide centralized protection for more vulnerable machines -- primarily MS-Windows machines-- used by the bulk of businesses/home-users these days. Am I wrong?

      1. By Anonymous Coward ( on

        if you're a road warrior, then it would make a lot of sense to have advanced packet filtering capabilities. and pf's fully stateful TCP filtering is a huge plus. i know that i'd love to have a pf-equivalent firewall for all the windows XP laptops that i have going to various networks out of my control (and therefore considered hostile). windows firewalls just don't cut it when you want to allow any host to connect to a particular port and never want to hear about it again, but you do want to maintain pretty strict control over all other traffic.

    2. By .s ( on :
      " Over 100 Unique Windows NT/2000/2003 Tools And Utilities Finalists!

      Voted on by you and other NT/2000/2003 Administrators, MIS Managers, MCPs,
      MCSEs and IT professionals from around the world! "


  2. By chort ( on

    You have to wonder about the qualifications of the people voting when NetIQ wins half the categories, "IHateSpam" wins best anti-spam, and best of all Wireless Security belongs to... Windows Server 2003/XP!!!

    Not that I don't think OpenBSD is worthy, but those results are really kooky.

    1. By Nikademus ( on

      I just wonder if they had more than one choice by categorie...

    2. By Anonymous Coward ( on

      hi. indeed windows 2003 is damn fine for wireless networking, simple, fast and well... "secure". I'd still pick any *BSD anytime but I have to accept that win2003 is very very good.

      1. By Anonymous Coward ( on

        Damn I hope you were kidding.

      2. By PCronin ( on

        For WiFi G, I'll have to give it to windows, only reason being there's not as much vendor support for BSD backing it up. However, speaking strictly of WiFi B, OpenBSD would have taken that catagory too.

        1. By Anonymous Coward ( on

          Just because it works does not mean it is secure, does it ? or was that not the point ?

        2. By chort ( on

          So why didn't a vendor like Airdefense, or Cisco, or any of a host of others with actual wireless security products get the nod? Win2K3/XP (notice XP was included?!?) don't secure anything. In fact, other than recognizing a wide array of wireless cards, I'm not even sure how Windows qualifies for any kind of wireless award period, certainly not securing wireless, and SFAIK not even infrastructure (no base stations or bridges are based on Windows that I know of). If it basically only operates as a client I don't see how that qualfies.

          Oh well, plenty of other areas in this "awards" display are suspect too, so it's not surprising at all. Probably the results have more to do with certain vendors lobbying their customers to vote and most administrators being pretty clueless to the different technologies, so they either a) voted only because they got pointed to it by their vendor (NetIQ, Panda?), or b) just voted for what they knew (Microsoft).

    3. By Janne Johansson ( on

      Just the fact that Panda Antivirus got an "award" shows (to me) that this is not a crowd that inspires trust nor faith... 8-/

  3. By Peter N. M. Hansteen ( on

    No great surprises here. Of course OpenBSD supplies the best firewall. Of course they had to mess up the spelling.

    Now I too wonder if they're aware it's not actually a Windows app.

  4. By Denis Solaro ( on

    I'm still wondering about the tests and the criterias. There isn't much on it. For instance did someone set them up an openBSD box with pf+mail+av+spam filtering and they fell on their bottom when they saw all it can do, or did they just ask a few random friends at the cafeteria? Judging for your comments, and the lack of real details on the tests (I don't know, they could have used hping2, nmap, nessus and shown the results) these results are too vague to satisfy us all fully. Also, one thing I have noticed. When you install an OpenBSD fw with other added goodies for Windows user customers, the majority expect it to come with very simple setups "THEY can follow" (oh boy). Like a 3 buttons option menu to control pf (ho ho ho ho), a two button menu to control Sendmail (he he he), as if these were 100% configurable without having to understand them. (a-aah?!) Here the choice between firewall products is a tad better than the usual "we didn't select complicated stuff, cause else you will ring us up asking how it works" usual reviews. Maybe they wanted to justify their claim to be "World Leader in Infrastructure and Security Tools". So all in all it ain't that bad they talk about us. At least they didn't select OpenBSD cause it comes with a friendly talking paper clip.

    1. By krh ( on

      It sounded like they had their readership vote, a very unsatisfactory way to determine quality but an excellent way to determine popularity. Their description of their security measures at the bottom of the article, "Votes are tracked by IP address and cookies are placed on voter's workstations to reduce multiple voting by one user," is laughable.

      However, the aspect of the awards which most undermines my confidence is that Sunbelt Software owns and runs W2KNews, yet also competed for a full quarter of the possible awards (see Indeed, the product displayed most prominently on their home page is iHateSpam for Exchange--the self-same winner of W2KNews's poll!

    2. By Bob ( on

      Come on, It's a windows trade rag. The criteria was probably a google search of all the various choices with the word "firewall" and a count of how many matches there were. :)


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]