Hi Erkki Lintunen schrieb: > > Hi, > > I think better approach would be to buy a security audit to a "LEAF > Bering-uClibc" setup you run. Buy two audits from different auditors to > gain more credibility, if necessary. Publishing those audits to LEAF > community would serve LEAF and open source in general as much as any > contribution of code, documentation etc.. Similarly if another does the > same thing, you could use the released audits to build recognition and > trust among those in doubt without "known names".
We are runnning LEAF on our company and customer firewalls along with distributed WRAP boxes as IPSEC endpoints on LEAF. The central firewalls run a pretty recent Bering whereas the distributed IPSEC endpoints are still based on Bering 1.2 for historical reasons (well, it is a big effort to upgrade all those remote boxes without a big system interrupt). Because of the scale of the operation the firewall software used for the central stations is firewall builder, which can load the iptables scripts using ssh to the firewalls. We are planning a security audit later this year and I hope it is sufficiently favorable for LEAF. I will try to publish if I ever get that far. cheers Erich ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
