Subject: hardening netbsd
To: None <tech-security@netbsd.org>
From: jnf <jnf@datakill.org>
List: tech-security
Date: 02/28/2004 06:49:18

hello, 
i've recently taken up the task of setting up a netbsd box here on my lan 
that will be used in the dmz, I just googled a little for papers over 
securing netbsd and didn't find much - what I am looking for basically is 
not your average hardening <insert os name here> paper, I know how to shut 
off unnecessary services and how to set up a firewall/etc, what I am more 
looking for are things like, making certain areas of memory 
non-executable, randomizing base addresses, restricting chroot some, etc -
is there anything like this that exists for netbsd or am i stuck doing a 
roll your own type thing here?

I would imagine it wouldn't be incredibly hard to port stuff from openbsd 
to freebsd, although honestly I am not very familiar with the internals of 
either kernel - so yes that's basically what I am looking for, papers or 
programs that even briefly discuss the subject and also, where is a good 
description of the sysctls? particularly the security related ones, going 
through man pages and header files proved frustrating as many of them said 
the same thing (i.e. 'this sysctl determines the security level, it can 
only be raised and not lowered' or similar, but doesn't tell you what is 
included/what happens as each one is raised)

any help would be appreciated, and those of you involved with developing 
netbsd, or really anything in general, keep up the good work ;]

jnf
