May 14, 2002

MicroBSD... All your BSDs are belong to us

An anonymous fan of NewsForge wrote in (but didn't include a link): "It seems a group of Unix Security Professionals are taking further initiatives to build a Secure, Hardened Posix1e draft OS. While building on the roots of FreeBSD and OpenBSD, for their known stability, security & robustness they have actually forked into a specialized hardened distribution. It seems as they are on their way to merge the best of both worlds back into one. While most "hardened" and "secured" distros these days seem to be Linux based, here is a solid entry from the BSD community."

MicroBSDs are stripped down hardened secure version builds. The concept for MicroBSD is a hardend secure Posix1e small foot print OS for x86/Alpha/Sun/PPC (or other) hardware to use as little hard disk space as possible yet provide fully functional Systems. Based on a complete server model, builds for Firewall/IDS/VPN/SMTP/WWW/DNS/FTP and other combinations will be developed over time. Systems features address all aspects of security. These builds are designed to take the work out of building secured network environments with specific features unique to each one. Basically a Secured manageable system build designed to do specific tasks.

* Posix1e Audit Controls & logging
* Mandatory Access Controls (In Progess)
* File System level ACLS (In Progess)
* Application/Users Access Controls (In Progress)
* Small Foot Print. No unneccesary bloat. under 10 megs or less
* Application Stack Hardening & Protection (Completed)
* PF Packet Filter
* Invisible Bridged Firewall Module
* IDS Sub-system Module (Completed)
* Anti-Virus Protection Module (In Progess)
* Fully Automated Update system (Future)
* Web Based Management System (Future)
* Multiple Authentication Mechanisms (LDAP/SQL/PAM) (In Progess)
* No System User Accounts
* Fully modular design
* Capable of running on disk, /cdrom or Compact Flash
* Full State-full packet inspection
* IPV4/IPV6 capable
* Optimized kernel for handling large traffic flows
* Embeddes Systems Designs
* No unnecessary daemons, services.
* Each build is specific to a task
* Easy to Install via our ftp server, cdrom and floppy disk
* NAT, Reverse NAT, FTP proxy support, one to one NAT
* Other specific features will be added specific to different builds


  • Unix
Click Here!