> OpenSMTPD does not listen to the internet, by default and even if you do set > it > to, it only affected certain configurations.
A server, which does not listen to the outside is pretty useless, don't you think? I did not bring up opensmtp, because it is particularly bad, quite to the contrary: even in very hardened systems bugs happen. You can patch these bugs and have a reasonable secure system, but it's an ongoing effort, not something you do just once. > How the heck sshd has such as good security record, considering all that it > does, interface wise, is rather astounding. I guess a remotely critical bug > may > be found there one day, but it does not affect my point! sshd has a good security record on openbsd, but even with sshd there were problems on other platforms, not caused by the core sshd or the openbsd team, but nonetheless a real issue. Closely related to openssh was openssl, which had a gaping hole that became known just a few years ago. I was not so much shocked about the fact, that there was a security hole in openssl, but how really stupid and unnecessary this whole issue was, what a stupid feature actually caused this bug to be deployed on so many platforms. Again, this is nothing specific to OpenBSD, but let's not delude outselves, that one can rollout some server and leave it as it is for years to come. > If your project, like most could; has made sane design choices for simple > interfaces then it certainly can be made very secure, remotely unhackable is > easier than you think for a modest project. A public facing server with ftp, http, smtp and sshd would have had to be patched in regular intervals to remain reasonably secure. Add a content management service to this configuration, and these "regular intervals" turn into very frequent occurrances. This is valid for low profile stuff, though. If you are something high profile, like a bank, it's a constant and ongoing effort to deal with hackers of all flavors. Cheers, Rudi
