On Mon, Mar 9, 2009 at 3:36 PM, irix <i...@ukr.net> wrote: > Hello Misc, > > In www.openbsd.org wrote "Only two remote holes in the default > install, in more than 10 years!", this not true. I using OpenBSD > like customer, not like administrator. And my OpenBSD were attacked, > by simple MiTM attack in arp protocol. How then can we talk about the " > security by default" ???? > For example, FreeBSD is decided very simply, with this patch > http://freecap.ru/if_ether.c.patch > When this is introduced in OpenBSD, so you can say with confidence > that the system really "Secure by default" ?
ARP is insecure by default. If you care, move to IPv6 and use IPSec/SeND.