Announcement

Collapse
No announcement yet.

Open source router

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • LosT
    replied
    Security through obscurity?

    Originally posted by Code_Dark
    Do you really want your router open source so that every hacker out there knows exactly how to exploit it..?


    - CD

    "security through obscurity..." you know the rest.

    LosT

    Leave a comment:


  • dYn4mic
    replied
    OpenBSD router and PF combo would be excellent... You could also use Zebra if you have some Cisco CLI/IOS skills... http://www.zebra.org/
    I think Zebra has been around a lot longer than XORP and has a bigger user base, but i could be wrong....
    Open Source routers are the way to go...

    Leave a comment:


  • yankee
    replied
    Originally posted by Code_Dark
    Do you really want your router open source so that every hacker out there knows exactly how to exploit it..?
    Really? Visit http://www.cisco.com/warp/public/707/advisory.html and count the vulnerabilities. Then visit
    http://www.openbsd.org and the first thing you will see is:

    "Only one remote hole in the default install, in more than 8 years!"

    Leave a comment:


  • TheCotMan
    replied
    Originally posted by z3r0_un0
    I say that too....the free code source expose the software to a many script kiddies......many bugs......etc.
    When you compare frequency of security holes in major opensource projects (apache, samba, openssl, openssh, Linux (kernel) etc) to those in MS Windows, you generally tend to find a greater _number_ of security holes reported and fixed in OpenSource software which get fixed in a timely manner, but the seriousness of security holes is more frequently not as severe as the number of severe security risks in MS Windows.

    MSIE still have about 26 (?) outstanding security holes which mostly deal with users visiting untrusted sites, which MS does not consider worth their effort to fix. These have remained for quite a while now, and can be found as parts of threads discussed in various full disclosure lists.

    An examination of the information found in an excellent book titled, "The Mythical Man-Month," should permit even a casual reader to understand that the number of bugs per line of code in OpenSource projects is likely to be similar to the number of bugs per line of code in closed-source projects. If this is the case, what is the difference? With OpenSource, there is a better chance for many eyes to find bugs and fix them. Reputations of coders ensure timely fixes to security holes. However, with closed source, the repairs to security risks are hidden, like landmines, waiting to be discovered. [Another good book to aid in understanding for motivation of OpenSource this is the well known book by Eric Raymond called "The Cathedral and the Bazaar: Musings on Linux and Open Source by an Accidental Revolutionary"]

    To make matters worse, when you buy closed source software, you buy into built-in obselecense, and there will come a time when that software with its hidden bugs will no longer be supported and you will be forced to pay more for the netxt version if you want security fixes.

    At least with Open Source, when a product reaches and End-Of-Life-Cycle, you can either use inside programmers to maintain it, or use the code on your own and maintain your own branch until you decide to upgrade; the point here is that you at least have a choice.

    This does not mean that OpenSource is the only way to go, but to assume that OpenSource is a greater risk for exploitation by hackers seems a bit short-sighted.

    Consider a sample case. Apache (OpenSource) has many things going for it, and its security record at present is much better than IIS. This is one of many reasons why an OpenSource project for a web server Outnumbers MS IIS web servers by over 3 to 1 and Apache has over 2/3rd of the WebServer market.

    [Edit: fix grammar and added content above in [ ] ]
    Last edited by TheCotMan; June 15, 2004, 16:10. Reason: fix some grammar, added content

    Leave a comment:


  • z3r0_un0
    replied
    Originally posted by Code_Dark
    Do you really want your router open source so that every hacker out there knows exactly how to exploit it..?


    - CD
    I say that too....the free code source expose the software to a many script kiddies......many bugs......etc.

    Leave a comment:


  • highwizard
    Guest replied
    Originally posted by Code_Dark
    Do you really want your router open source so that every hacker out there knows exactly how to exploit it..?


    - CD
    Yea, cause you know that is what OpenSource is all about..

    I think we have an ID10T error here.

    Leave a comment:


  • dataworm
    replied
    Originally posted by Roaming Gnome
    As with any open source product, the keys are flexibility and stability. If configured properly, it should prove secure for example SmoothWall. If that does not convince you, try an open source OS. Most flaws are user defined.

    RG
    Watch out OpenBSD, it's becoming a great router solution since CARP...

    Leave a comment:


  • dataworm
    replied
    Originally posted by Code_Dark
    Do you really want your router open source so that every hacker out there knows exactly how to exploit it..?


    - CD
    You really want to use a Closed Source router on witch source have been leaked?

    Leave a comment:


  • Roaming Gnome
    replied
    Open source

    As with any open source product, the keys are flexibility and stability. If configured properly, it should prove secure for example SmoothWall. If that does not convince you, try an open source OS. Most flaws are user defined.

    RG

    Leave a comment:


  • Code
    replied
    Do you really want your router open source so that every hacker out there knows exactly how to exploit it..?


    - CD

    Leave a comment:


  • yankee
    started a topic Open source router

    Open source router

    I came across this today, has anyone else seen it?

    http://www.xorp.org

    It's a modular, open source software router. If this is the kind of thing that spins your propeller, I would recommend reading the goals and architecture pdf. Being able to do things like adding your own user level commands or adding custom routing or security modules would be very cool.
Working...
X