Hi! No, i have not heard about any script that does that for you on OpenBSD, your only option as i see it, is for you to unpack src.tar.gz and src.tar.gz to /usr/src and download the patches that http://www.openbsd.org provide you with. Apply the patches to the sourcetree and follow instructions for each one of them on how to compile and install them from the sourcetree.
TIP! Each patch is a textfile, read the first line of them for instructions on how to apply them. Regarding other protection, there is not very much you can do (at least with the default install) except building a good ruleset with PF, to keep out any unwanted traffic. If you also fell up to it, you can "clean" incoming ip-packets by passing "scrub" options to PF, in order to protect weak services you might have running on your machine. If you bought an official OpenBSD discset, then the sourcecode i mentioned should be located on cd3 (if i remember correct) if not, you can download it from OpenBSD�s ftp, or a mirror. Pathes for OpenBSD http://www.openbsd.org/errata.html OpenBSD FAQ (read it!) http://www.openbsd.org/faq/index.html pf.conf MAN-page http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html Regards. /Omas Jakobsson Eric Friedrich skrev: > > I've sucessfully set up a home LAN with NAT, OpenBSD firewall, and all > the goodies. However, I'm wondering what the next step is. As far as > system maintenance, I know that all OS's require constant patches, but I > have no idea what that involves as far as OpenBSD goes, is there a > program out there which will update the system for me? > Also, I've heard of attacks using other protocols, and such, what > other security measures can I implement aside from only opening the > necessary ports with PF? Is there anything to protect against non tcp > attacks, DOS attacks and other ones I'm not mentiong? Thanks, > > limited
