Endpoint security solution for Windows Systems based in OpenBSD

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Endpoint security solution for Windows Systems based in OpenBSD

Diego Fernando Nieto Moreno
Hello,

Greetings from Colombia

in http://force.coresecurity.com/index.php?module=articles&func=display&ptid=10&catid=39&aid=16

I found an Interesting Article about a Endpoint security solution for Windows where their Firewall is Based in OpenBSD PF.

It's can be a reference for the "Products Based in OpenBSD" page in http://www.openbsd.org/products.html

Sincerely,


Diego Fernando Nieto Moreno
---------------------------
www.compumundohypermegared.org

Reply | Threaded
Open this post in threaded view
|

Re: Endpoint security solution for Windows Systems based in OpenBSD

Stuart Henderson
--On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:

> http://force.coresecurity.com/index.php?module=articles&func=display&
> ptid=10&catid=39&aid=16

"The firewall is a Windows port of OpenBSD's Packet Filter (PF)"
that's just sick..!

Reply | Threaded
Open this post in threaded view
|

Re: Endpoint security solution for Windows Systems based in OpenBSD

Nick Holland-2
On Thu, Dec 01, 2005 at 01:18:41PM +0000, Stuart Henderson wrote:
> --On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:
>
> >http://force.coresecurity.com/index.php?module=articles&func=display&
> >ptid=10&catid=39&aid=16
>
> "The firewall is a Windows port of OpenBSD's Packet Filter (PF)"
> that's just sick..!
 
sick, perhaps, but that is the purpose of the BSD license.
Would you rather they reinvent the wheel badly, or base it on something
well written?  Hopefully, the more platforms PF gets "ported" to
(somehow, I think in the case of Windows, "ported" should go in quotes),
probably the better off the world is...

Nick.

Reply | Threaded
Open this post in threaded view
|

Re: Endpoint security solution for Windows Systems based in OpenBSD

Murali Raju
I agree. This falls under the philosophy the more secure the machines
out there in the wild (even if it is a ghastly thing known as
Windows), the better off I we are. If they use OpenBSD based
technologies to help with security more power to them.

_Raju

On 12/1/05, Nick Holland <[hidden email]> wrote:

> On Thu, Dec 01, 2005 at 01:18:41PM +0000, Stuart Henderson wrote:
> > --On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:
> >
> > >http://force.coresecurity.com/index.php?module=articles&func=display&
> > >ptid=10&catid=39&aid=16
> >
> > "The firewall is a Windows port of OpenBSD's Packet Filter (PF)"
> > that's just sick..!
>
> sick, perhaps, but that is the purpose of the BSD license.
> Would you rather they reinvent the wheel badly, or base it on something
> well written?  Hopefully, the more platforms PF gets "ported" to
> (somehow, I think in the case of Windows, "ported" should go in quotes),
> probably the better off the world is...
>
> Nick.
>
>


--
May the packets be with you.

Reply | Threaded
Open this post in threaded view
|

Re: Endpoint security solution for Windows Systems based in OpenBSD

Theo de Raadt
> I agree. This falls under the philosophy the more secure the machines
> out there in the wild (even if it is a ghastly thing known as
> Windows), the better off I we are. If they use OpenBSD based
> technologies to help with security more power to them.
>
> _Raju
>
> On 12/1/05, Nick Holland <[hidden email]> wrote:
> > On Thu, Dec 01, 2005 at 01:18:41PM +0000, Stuart Henderson wrote:
> > > --On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:
> > >
> > > >http://force.coresecurity.com/index.php?module=articles&func=display&
> > > >ptid=10&catid=39&aid=16
> > >
> > > "The firewall is a Windows port of OpenBSD's Packet Filter (PF)"
> > > that's just sick..!
> >
> > sick, perhaps, but that is the purpose of the BSD license.
> > Would you rather they reinvent the wheel badly, or base it on something
> > well written?  Hopefully, the more platforms PF gets "ported" to
> > (somehow, I think in the case of Windows, "ported" should go in quotes),
> > probably the better off the world is...

Furthermore, since I know these people who wrote this software, and have
even stayed at their homes for days at a time while visiting Argentina,
I fully support them :)

Reply | Threaded
Open this post in threaded view
|

Re: Endpoint security solution for Windows Systems based in OpenBSD

Theo de Raadt
>http://force.coresecurity.com/index.php?module=articles&func=display&
>ptid=10&catid=39&aid=16
> >
> > "The firewall is a Windows port of OpenBSD's Packet Filter (PF)"
> > that's just sick..!

I wanted to make one point about this.

pf is a small part of the whole system they are making available, or
of the effort they went through.  After all they had to write a heck
of a lot of code to interface to undocumented guts of Windows.

In the end, it is not a PF for Windows.  It is a much more complicated
thing than that, so you have to read more about it.

Reply | Threaded
Open this post in threaded view
|

Re: Endpoint security solution for Windows Systems based in OpenBSD

Eric Pancer
In reply to this post by Stuart Henderson
On Thu, 2005-12-01 at 13:18:41 +0000, Stuart Henderson proclaimed...

> "The firewall is a Windows port of OpenBSD's Packet Filter (PF)"
> that's just sick..!

Why is that sick? Are you some open source evangelist who can't see the
benefits of bringing the technology in OpenBSD to the masses?

Reply | Threaded
Open this post in threaded view
|

Re: Endpoint security solution for Windows Systems based in OpenBSD

Sean Comeau-2
In reply to this post by Stuart Henderson
On Thu, Dec 01, 2005 at 01:18:41PM +0000, Stuart Henderson wrote:
> --On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:
>
> >http://force.coresecurity.com/index.php?module=articles&func=display&
> >ptid=10&catid=39&aid=16
>
> "The firewall is a Windows port of OpenBSD's Packet Filter (PF)"
> that's just sick..!
>

agreed, if by 'sick' you mean 'really awesome'

Reply | Threaded
Open this post in threaded view
|

Re: Endpoint security solution for Windows Systems based in OpenBSD

Stuart Henderson
On 2005/12/01 11:40:13, Sean Comeau wrote:

> On Thu, Dec 01, 2005 at 01:18:41PM +0000, Stuart Henderson wrote:
> > --On 01 December 2005 05:02 -0800, Diego Fernando Nieto Moreno wrote:
> >
> > >http://force.coresecurity.com/index.php?module=articles&func=display&
> > >ptid=10&catid=39&aid=16
> >
> > "The firewall is a Windows port of OpenBSD's Packet Filter (PF)"
> > that's just sick..!
>
> agreed, if by 'sick' you mean 'really awesome'

awesome: inspiring awe.

awe: A mixed emotion of reverence, respect, dread, and wonder inspired by
authority, genius, great beauty, sublimity, or might.

Ok, I'll go with that (:

Looking at it in more depth, there are parallels with systrace.
Certainly looks interesting and much-needed in the Windows world
where it's often difficult to use a normal system without
Administrator privileges.