You are here: Home / OpenBSD


OpenBSD material

Zero to IPSec in 4 minutes on OpenBSD

This short article looks at how to get a fully functional IPSec VPN up and running between two fresh OpenBSD installations in about four minutes flat.

Zero to IPSec in 4 minutes on OpenBSD - Read More…

Gigabit OpenBrick recommendations

Links to gigabit-capable OpenBricks, including the Lex Twister, the current OpenBrick recommendation for VLAN firewalls, and the gigabit version of the OpenBrick-E

Gigabit OpenBrick recommendations - Read More…

OpenBSD 4.0 Firewall

How to build and configure a firewall on OpenBSD for bridging or routing (i386 Architecture)

OpenBSD 4.0 Firewall - Read More…

VLAN Routing Firewall Rules

Last updated 9/13/2007. A sample ingress and egress ruleset for common campus services and ports. See the update log in the comments.

VLAN Routing Firewall Rules - Read More…

VLAN Routing Firewall Configuration Tool

Paul Waterstraat's tool to create the proper custom network configuration files for your VLAN routing firewall. (Beta)

VLAN Routing Firewall Configuration Tool - Read More…


OpenBSD's FAQ page on FTP and FTP Proxy

FTP Proxy FAQ - Read More…

Insecure's ftp-proxy FAQ

A few things we've learned about ftp-proxy that aren't on the main ftp-proxy FAQ

Insecure's ftp-proxy FAQ - Read More…

Single user mode: reset root password

How to boot in single user mode and reset the root password

Single user mode: reset root password - Read More…

Copying a Compact Flash card with OpenBSD

Instructions on how to make a backup copy of your OpenBSD CF installation using a USB CF card reader

Copying a Compact Flash card with OpenBSD - Read More…

Defending your Network

IT Security Symposium 2005 lab + presentation on open source tools used to defend your network, including: nmap, Etherape, HOACD (Honeyd + OpenBSD + Arpd on CD), OpenIDS (Snort + friends), and MailDroid (SpamAssassin, CLAMAV, spamd, SquirrelMail + friends)

Defending your Network - Read More…



A picture of my OpenBrick, with an OpenBSD 3.5 CD for comparison.

OpenBrick-E - Read More…

Modelling, Validation, and Optimization of Distributed Firewalls

Fireman: Firewall Modeling and Analysis As part of this project, we propose to develop a unified framework for policy-checking, optimization, and auto-reconfiguration of distributed firewalls. This research will provide novel analysis, design techniques, and tools to better protect our critical information infrastructures from attacks. We target at providing consistent and efficient security protection for an enterprise that may have geographically distributed business networks served by different local Internet Service Providers. We adopt an inter-disciplinary technical approach that leverages multiway communications among the three PIs with expertise in networking, security, and programming languages and compilers areas to design an integrated solution. In particular, we propose a systematic treatment of the problem by casting it as a static program analysis question, exploiting well-established and rigorous techniques from the area of programming languages and compilers.

Modelling, Validation, and Optimization of Distributed Firewalls - Read More…

ComixWall ISG

A full-featured Internet Service gateway with OpenBSD/pf, DansGuardian web filter (anti-virus through ClamAV), Snort IDS and periodic rule updates by oinkmaster, ClamAV and periodic signature updates by freshclam, SpamAssassin, OpenBSD spamd: spam deferral daemon, P3scan: POP3 anti-virus/anti-spam proxy, smtp-gated: SMTP anti-virus/anti-spam proxy, Dante: SOCKS proxy, Squid: HTTP proxy, Apache Web Server (OpenBSD httpd), Pound: reverse-http proxy, OpenBSD ftp-proxy, IMSpector: IM proxy which supports MSN, IRC, Yahoo, etc., DNS server, DHCP server, OpenSSH

ComixWall ISG - Read More…

Campus Moobilenet Subnets

This is a list of Moobilenet IP address ranges from Mark Stinson for use with firewall rules. Posted to the TSP list on 11/1/2008.

Campus Moobilenet Subnets - Read More…

OpenBSD 3.5 on an OpenBrick-E

How to securely build, using local resources, a transparent bridging firewall using an Openbrick-E and OpenBSD 3.5. Using a 533MHz Via processor with 256MB of memory and a 512MB Compact Flash card, our OpenBrick has no moving parts. With 3 10/100 interfaces, that leaves one leftover for CARP!

OpenBSD 3.5 on an OpenBrick-E - Read More…