OpenBSD: an untapped resource for tight security

In the latest in our series of features based on MSc theses from Royal Holloway University, learn why free OpenBSD operating system is a strong security feature for small companies on tight budgets. Also get info on installation problems, configurations and technical features.

Nick Humphrey can't see why more security professionals don't use the OpenBSD operating system. He has been working in security for a decade and has implemented the free software in a range of applications, and says its security features are top class.

"I have used OpenBSD in various capacities since around 2001 and have confidence in its high quality code and security features," he says. "I've worked with a few smaller companies who had extremely small IT/security budgets, and OpenBSD provides some amazing features that can only usually be found in pricey commercial products."

To find out more, read the latest in our series of features based on recent MSc theses at Royal Holloway University of London (RHUL), where Humphrey lays out the strengths of OpenBSD.

He says the reasons for it being ignored are quite simple. "The OpenBSD team develop it for themselves first and others second, so advocacy and promotion are never given a high priority," he says. "Secondly, OpenBSD may not be the easiest free operating system to install (compared to Ubuntu Linux, for example) for newcomers to UNIX, but those who have the patience to understand the basic mechanics of what is going on are rewarded with a logical, high quality baseline which they can build upon."

Currently working as head of the information security and compliance practice at CIO Consulting, Humphrey completed his MSc as a part-time student last year, and says the experience was so stimulating, he has already registered to go back to do a PhD at RHUL.

His enthusiasm for OpenBSD is based not only on the fact that it comes free (and should therefore appeal to companies with tight budgets) but because it is packed with lots of great technical features. "It does a great job in an infrastructure role (DNS, DHCP, web, mail, FTP) and also makes for a decent day-to-day workstation too," he says. "In my opinion, its biggest strength is in network security roles - IPSec VPNs are easy to configure and the pf firewall is simply superb."

To read Nick Humphrey's article, click HERE . The article also provides a link through to his full thesis.

Read more on Application security and coding requirements