North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DARPA and the network

  • From: Michael.Dillon
  • Date: Tue Sep 06 07:04:54 2005

> yes, it is. we can further dicuss that in private if you wish; however, 
> claiming OpenBSD is just more vocal about security is just far off 
> reality, and that had to be put in perspective.

The real question is not whether other BSDs or
other Unices are following OpenBSD's lead. I'd like
to know how many embedded systems (routers and switches)
are implementing similar "hardening" techniques.
The Internet runs on embedded systems and although
many have their roots in Unix, they don't seem
to have adopted many of the security techniques
that are used in C2 or CAPP certified systems.

The details that Henning posted are useful to 
list members who are writing RFPs for new network
gear. Even if vendors can't meet these requirements
today, it is good to let them know that people
seriously want secure operating systems on
their routers and switches.

--Michael Dillon