pfSense. Been running it on ALIX board for years. Love it.
http://www.pfsense.org/

From the article: "...making it a simple matter for an attacker to decrypt the traffic passing through the device". I'd think it would only be *to* the device.

Yeah. I had not read the exploit. It was apparently a Linux box that was compromised.

Ah. My bad. I just read the exploit summary.

I think this particular instance was more a matter of poor security practices in web development than underlying OS or web server, but it does seem a bit odd that a military branch would use Microsoft/IIS vice using a Unix or Linux platform. It appears that the U.S. Navy is also running IIS for their primary public site.

200 OK
Cache-Control: max-age=334
Connection: close
Date: Mon, 08 Nov 2010 16:56:47 GMT
ETag: "8094fdaf44cc81:287"
Server: Microsoft-IIS/6.0
Content-Location: http://www.navy.mil/usnhome.html
Content-Type: text/html
Last-Modified: Thu, 11 Oct 2007 20:24:13 GMT
Client-Date: Mon, 08 Nov 2010 16:56:48 GMT
Client-Peer: 96.17.8.152:80
Client-Response-Num: 1
Header: US Navy
X-Powered-By: ASP.NET

eherr@quark:~$ HEAD http://royalnavy.mod.uk/
200 OK
Date: Mon, 08 Nov 2010 15:51:01 GMT
Accept-Ranges: bytes
ETag: "0ee7b62b67dcb1:7904"
Server: Microsoft-IIS/6.0
Content-Length: 70
Content-Location: http://royalnavy.mod.uk/index.html
Content-Type: text/html
Last-Modified: Sat, 06 Nov 2010 13:27:40 GMT
Client-Date: Mon, 08 Nov 2010 15:51:03 GMT
Client-Peer: 94.236.30.11:80
Client-Response-Num: 1
X-Powered-By: ASP.NET