LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 03-26-2002, 02:41 PM   #1
tarballedtux
Member
 
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498

Rep: Reputation: 30
OpenBSD or NetBSD. FreeBSD?


I was thinking about making OpenBSD box, NetBSD box, or FreeBSD bos. Except I am confused about which is better for the purpose of making a firewall. The only experience I have is with RH6.2, 7.0, and 7.2. Although I think the experience isn't that deep. The OS should be able to do iptables, and support LNE100TX ethernet cards. Also ease of installation is a little problem, but is overlookable.

Thnaks in advance
 
Old 03-26-2002, 02:57 PM   #2
finegan
Guru
 
Registered: Aug 2001
Location: Dublin, Ireland
Distribution: Slackware
Posts: 5,700

Rep: Reputation: 57
The card is pretty generic, I know that FreeBSD supports it, although the differences between the BSDs are monstrous compared to the difference between the different distros.

IPtables is specific to the Linux Kernel, which the BSDs do not run. Not only that, its specific to the Linux kernel series 2.4.x, before that was ipchains, and back in 2.0.x land was ipfwd...er something.

There are firewalling tools for all of the others, and of the three, the least user friendly and the most neurotically secure by far is OpenBSD. No remote root in 4 years as they claim from OpenBSD.org.

Luck,

Finegan
 
Old 03-26-2002, 07:28 PM   #3
tarballedtux
Member
 
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498

Original Poster
Rep: Reputation: 30
Are there any other solutions as good as OpenBSD? I looked at there site and I found out that they dislike giving out ISOs. (By Dislike I mean they don't do it) And also that they don't run any other the Linux stuff I'm used to ipchains and the like.
I'm trying to lean away from the Linux distros for two reasons:
1) I want to learn something new.
2) It's come to my attention that Linux is inferior to *BSD series because once a hole is found in any Linux distro it brings down most of the others. And I guess *BSD doesn't do that. (I'm guessing most of this information)



Thanks in advance
 
Old 03-26-2002, 07:59 PM   #4
finegan
Guru
 
Registered: Aug 2001
Location: Dublin, Ireland
Distribution: Slackware
Posts: 5,700

Rep: Reputation: 57
OpenBSD is free if you want to do a net-installation. SuSe and RedHat I know off the top of my head do those too. Its quite easy. If you haven't found the page (its kinda buried), yeah they don't offer ISOs at all.

Net and FreeBSD both have freely available ISOs.

The idea behind Open was that it was a fracture group of NetBSD that wanted to get more involved in security, hence their rigid release schedule coupled with a front to back security audit every release. The idea behind Net was to add to the portability of FreeBSD. Right now I think NetBSD will run on anything from a Tomagotchi to a toaster. Their platforms supported page is kind of nuts.

FreeBSD is easily the most supported, quickest to bugfix, largest group of the three, and probably the easiest to get help with. All of them will support linux binaries, but not ipchains necessarily. To address your concerns numerically:

1. Hell yeah, you might also want to try LFS, track down a copy of X86 Solaris (cheaper than buying a sparc), and BeOS, QNX, UnixWare.

2. Very few of those instabilities have anything to do with the Linux kernel, but are really problems with the most popular different programs and daemons that are default shipped with the distros. Wu-FTPd, the raging river of suck in the world of security updates was a good example. Even the kings of sticking their head in the ground, RedHat, finally stopped shipping that monster with 7.2.

50% of these vulnerabilities apply to the BSDs too. They usually use the same stuff: same holes in Bind, same Sendmails, same SSH, etc.

Cheers,

Finegan
 
Old 03-27-2002, 01:30 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,285
Blog Entries: 54

Rep: Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854Reputation: 2854
Open doesn't ship iso's cuz for them shipping cd's is one of their sources of support. Considering the Open team also gave us OpenSSH, IMO thats a good argument to buy a cd. Anyway, the base OpenBSD (3.0) install tarballs weigh in at about 30 megs so that aint a major D/L.
 
Old 04-05-2002, 01:00 AM   #6
!!freebsddude
LQ Newbie
 
Registered: Apr 2002
Posts: 6

Rep: Reputation: 0
finegan: couldn't have said it any better myself. You could go with either OpenBSD and/or FreeBSD.

Here is a thread relating to the type of firewalls people use, it is either ipfw or ipfilter on FreeBSD or ipf on OpenBSD. You will hear people praise one or another but pick one based on requirements and personal preferences.

Also, here is another article on securing small networks with OpenBSD.

Good luck!
 
Old 04-05-2002, 01:56 AM   #7
reed
LQ Newbie
 
Registered: Mar 2002
Location: D.C. Area
Distribution: Rh 7.2
Posts: 25

Rep: Reputation: 15
OBSD

Just begun exploring OpenBSD3.0.
Small footprint, fast...
and 3.0 comes with a brand new highly configurable packet filter called pf for NAT and FW

I've ftp Insatlled OBSD and FBSD. The FBSD is more user friendly. OBSD is text based but pretty simple. The OBSD has installed, first try, on both machines I have it on. FBSD used to hang during the transactions and I'd have to try several mirrors to get it to complete.
very disturbing when it's half finished...

I used to have FBSD log issues on one machine (cyrix 486DX2)
not enough space on /var, The logs would fill up and scroll errors. I just didn't have any more disk space to spare. I'm sure I could have tweakecd it, but it was time to take OBSD for a ride.
OBSD has run without any such problem.

Both ran fine aon a Generic P4 1.5Ghz

$.02
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
FreeBSD or NetBSD mimithebrain General 10 08-30-2005 03:44 PM
FreeBSD vs. NetBSD vs. OpenBSD dsschanze *BSD 6 12-19-2004 02:59 PM
FreeBSD v NetBSD servnov *BSD 5 09-07-2004 09:05 PM
FreeBSD, OpenBSD, NetBSD, etc. Different ? d_kote23 *BSD 6 05-16-2004 01:31 PM
What is FreeBSD and NETBSD ? futurist Linux - Software 2 03-04-2004 09:39 PM


All times are GMT -5. The time now is 05:26 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration