A free 4.4BSD-based system capable of running on multiple platforms, such as:
DEC Alpha-based machines
DEC MIPS-based machines
Hewlett-Packard HP300/HP400 machines
Intel 80386 and up PC compatibles
Most&MC680x0-based Apple Macintoshs
And others.

And in OpenBSD developer's own word:
Pay attention to security problems and fix them before anyone else does. (Try to be the #1 most secure operating system)
A security-centric operating system, which is believed to be the most secure OS currently available. OpenBSD was started by Theo De Raadt after disagreements between himself and members of another BSD team. As a side note, FreeBSD does have more mainstream support in general, and is quite similar to OpenBSD, but only OpenBSD makes overall system security its primary focus. Including strong cryptography directly into the system itself, as well as many, many other enhancements, makes OpenBSD an ideal operating system for sites which may be focused on by crackers. Firewalls, VPN servers, and webservers are only a few areas in which OpenBSD shines due to its security-centric, crack-resistant system design. It should be noted that the OpenBSD team also created OpenSSH, a free implementation of the SSH (secure shell) protocol. (www.openssh.com)

Update: If you run OpenBSD, you may be interested in visiting the OpenBSD Metanode, a work in progress.. edit: which apparently has been deleted by the mods? ... sigh.

OpenBSD is a fork of NetBSD maintained by a very paranoid Canadian man and his cronies. The fork began when Theo was stripped of his NetBSD title for flaming the crap out of people. After losing access to the tree, he tried to submit patches, but they were sadly rejected, and despite talk by the NetBSD people of allowing Theo to merge them himself, Theo was not given CVS. After a few months of pleading with NetBSD's higher ranks, a fed up Theo decided to create his own tree in 1995. Since then it has become known for security. The basic security philosophy is:

  • Enable very few daemons by default, and have lean config files. "Secure by default".
  • Frequently audit code for exploitable bits

OpenBSD also has out-of-the-box crypto. It was one of the earlier UNIXish platforms to abolish telnet entirely in favor of ssh, with their free rewrite, OpenSSH.

It's certainly the best for an Internet gateway, firewall, et cetera. For a workstation, I'm not so sure it's all that necessary, because you'd just end up defeating the purpose by enabling a bunch of [potentially exploitable] daemons, changing config files and the like. In such a case it might make a little more sense to use NetBSD or FreeBSD (or of course, GNU/Linux..), leaving your OpenBSD boxen on the front lines of security.

Log in or register to write something here or to contact authors.