this post was submitted on 18 Aug 2023
418 points (100.0% liked)

Programmer Humor

418 readers
3 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
418
Would you agree? (programming.dev)
submitted 1 year ago by TechCodecPawx@programming.dev to c/programmer_humor@programming.dev
61 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] original_ish_name@lemm.ee 6 points 1 year ago (1 children)

No, firewalls should use openBSD

[–] towerful@programming.dev 7 points 1 year ago (1 children)

Why?
I've tried to Google this, but it's such a general statement I can't find anything about it.
Is it more mature in that regard? Sane/sensible/safe defaults for networking? More tools as part of the distribution for networking?
Did FreeBSD (or it's predecessor/upstream/whatever) define the standards, so the implementation is more correct?

Or is it just that so many firewall applications run on top of FreeBSD (or a BSD flavour) eg opnSense, pfSense, openWRT (is openWRT actually BSD, idk)?
So, kinda a historical/momentum thing. With the benefits of wide spread specific use

[–] LinuxSBC@lemm.ee 3 points 1 year ago (1 children)

OpenBSD is focused on being incredibly secure, and they generally succeed. Firewalls need good security.

[–] argv_minus_one 2 points 1 year ago* (last edited 1 year ago) (1 children)

Everything needs good security. Firewall devices only cover a specific, limited portion of the attack surface of machines behind them. One successful browser exploit or attack on an exposed port, and the firewall may as well be a paperweight.

[–] LinuxSBC@lemm.ee 2 points 1 year ago

True, but it's hard to get end users to use OpenBSD. It's really easy to make a firewall based on OpenBSD.