OpenBSD has focused on providing a free, functional, and secure operating system. The OpenBSD development team performs source-code audits of the core operating system in an effort to stamp out bugs, especially security-related bugs. There is also a strong cryptographic emphasis throughout the code in an attempt to protect and hide sensitive data. This has lead to an operating system that tends to be more secure out of the box.
However, like any operating system, the security of the host depends on the diligence of the operator. A heavily audited operating system such as OpenBSD can still be made vulnerable to simple attacks through misconfiguration or open policies. Host security is especially important to wireless stations, since the station computers are generally a weak and difficult link to manage in a wireless network.
OpenBSD shares features and architecture with some of the other free BSDs such as FreeBSD and NetBSD. OpenBSD’s wireless support is no exception. OpenBSD has pulled functionality and code from FreeBSD wireless subsystem, and FreeBSD has pulled from OpenBSD as well. In general, running a secure OpenBSD workstation is similar to a FreeBSD workstation. However, this chapter will cover some important differences.
Unless otherwise noted, the examples in this chapter are from the OpenBSD 3.1 release. OpenBSD may be obtained from http://www.openbsd.org/ and either purchased on CD or installed over the Internet. ...