Subject: Re: Preventative security features?
To: Dmitri Nikulin <setagllib@optusnet.com.au>
From: Jaromir Dolecek <jdolecek@NetBSD.org>
List: tech-security
Date: 11/12/2004 20:43:23

Dmitri Nikulin wrote:
> Is there any reason NetBSD doesn't implement many preventative security 
> features?

Why do you think so - can you provide any examples of a particular
security feature you'd like to see in NetBSD?

> Is there a reason these things (blackholes, randomization of kernel 
> data, etc) aren't done in NetBSD? If not, does anybody object to work 
> done to bring them in to -current? I'd certainly like features like 
> that, even if I have to code them myself.

Useful additions are always welcome :) But don't get yourself
fooled into thinking that making certain things a bit more random
provides any security benefit.
 
> At the very least, the ability to run nmap against a NetBSD machine and 
> have it be completely unknown, even with plenty of open and closed ports 
> available. Free and OpenBSD can do this just with a few sysctl runs, 
> Linux stands no chance, but NetBSD should be up with its brothers and 
> not alongside Linux.

Why would anonymizing be of any use? Security by obscurity?
 
Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>            http://www.NetBSD.cz/
-=- We should be mindful of the potential goal, but as the Buddhist -=-
-=- masters say, ``You may notice during meditation that you        -=-
-=- sometimes levitate or glow.   Do not let this distract you.''   -=-