Sponsors



SECURECon is endorsed by

OpenBSD - Explaining the benefits of secure by default

Neal Wise and Adrian Close 2005

Most technology is deployed with the default "from the vendor" configuration. Recent trends such as the release of Microsoft Windows XP SP2 reveal that vendors are finally getting the point that default configurations can be a source of security issues. OpenBSD is different. OpenBSD has a long history of attempting to put security first and being "secure by default" (a phrase OpenBSD originated in the mid-1990s). Most operating systems require significant "hardening" for suitability for deployment. This presentation discusses steps normally required in hardening operating systems and how those efforts are reflected in the approach of OpenBSD. Practical solutions for secure service platforms (firewalls, application servers, etc) will be discussed.

Presentation slides

About Neal Wise and Adrian Close

Prior to co-founding Assurance.com.au, Neal was the principal security consultant with Dimension Data Australia. Immigrating to Australia from the United States in 1998, Wise first worked for services company Synergy as a senior UNIX consultant. During this time Wise was an instructor for IBM and Tivoli education on massively parallel systems, enterprise storage, and enterprise systems and security management. Later Wise was a senior security consultant with ASX-listed security integrator eSec (now ASG).

Wise has been securing UNIX systems since 1990, and today his expertise is widely sought by education, industry and government. He delivers an annual IT security themed presentation to the Australian Federal Police College and Australian High-Tech Crime Centre in Canberra. And as a guest lecturer for the Royal Melbourne Institute of Technology's Masters of Information Security program, Wise is helping to shape tomorrow's IT security professionals. Wise is a Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA).

Adrian Close is a UNIX and information security professional with Fernhill Technology. Adrian has been designing and building commercial solutions on OpenBSD for several years. Adrian serves on the board of the Australian UNIX Users Group (AUUG) and was the Programme Chair for AUUG's annual conference for several years. Recently Adrian organised AUUG's Digital Pest Symposium which focused on unsolicited commercial email (spam) and malicious software. Adrian has entirely too many computers on his home network.