Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm having a tough choice between FreeBSD and RedHat operating systems. I've heard good things about both, I currently use RedHat 9.0 but I am interested in starting a Shell Server Hosting company, to host shell accounts (ex: ircd) can anyone help me with making a decision and tell me which one is better for this hosting?
Originally posted by secret_ident I'm having a tough choice between FreeBSD and RedHat operating systems. I've heard good things about both, I currently use RedHat 9.0 but I am interested in starting a Shell Server Hosting company, to host shell accounts (ex: ircd) can anyone help me with making a decision and tell me which one is better for this hosting?
Thanks
Daniel T.
One factor may make your choice a bit easier - official support for Red Hat 9 from Red Hat ends in April. Other vendors have indicated interest in supporting Red Hat 9 (Progeny comes to mind), but this may be one factor to consider.
Either system might make a decent choice, though the BSD systems tend to have a slightly better security track record. If you're using the system primarily for server hosting, you might even want to consider using OpenBSD, which has a terrific security record.
However, the differences aren't terribly great. You wouldn't go badly wrong with either choice, at least in my opinion.
For me, personally, I'd also consider putting together a Debian system. My biases are that I've become familiar with it, the system is conservative and also stresses strong security, it has excellent dependency management, so it is very easy to update.
If I were doing it, I know Debian and I have no reservations about using it. In fact, I'm pondering putting together business plans of my own for various products and services centered around a Debian core set of systems.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
I would definitely use OpenBSD for hosting shell accounts. That box is going to be hacked on 24x365 and you want something that can withstand the beating (and limit the damage if/when a user eventually manages to break something).
On another note, you might consider that 7 of the top 10 web hosting companies (according to Netcraft) use FreeBSD. That's a pretty strong endorsement for BSD's stability.
Originally posted by secret_ident so you would recommend Debian for company use?
which do you think would have the best security and be more stable
Yes, I would (and do) recommend Debian. Someone asked me which one that I'd personally stand behind, and that is the one.
As far as Netcraft statistics, about a week or so I was looking at Netcraft statistics, and the system I actually saw most frequently mentioned with the longest uptimes was consistently labeled BSD/OS, not FreeBSD or OpenBSD. BSD/OS, until recently, was actually a commercially produced BSD system, coming out of the BSDI work.
As far as free systems, OpenBSD rarely has any intrusions, so out of the free alternatives, that'd be the one to choose if statistics matter. Debian is pretty vigilant about security though, too, we're not talking about large differences in these figures.
It's definitely true, however, that BSD/OS carries, by far, the largest amount of traffic and extended uptimes without intrusions.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
masinick,
I have to take issue with the following statement:
Quote:
Debian is pretty vigilant about security though, too, we're not talking about large differences in these figures.
The difference is, the security measures in Debian are by way of additional packages, while the security measures in OpenBSD are enforced in the kernel and various pieces of the default userland. For instance, memory handling in OpenBSD is vastly more secure than any of the other popular OSs available today.
There's a difference between distributing a flavor of Linux with a lof of security precautions (things turned off by default, including popular security apps) and actually having a secure kernel (and not kernel extensions either, I'm talking about the stock kernel).
If someone is very familiar with hardening Debian and not familiar with *BSD, then probably the best option is Debian (at least, if they want to get setup quickly). If there's not an overwhelming difference in experience, or one can take the time to learn a few things before they "go live", then I would certainly recommend OpenBSD, simply because the underlying OS has much more thought put into security.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
By the way, the reference to FreeBSD being used at 7 of 10[1] top hosting providers is in reference to overall stability ove the last year, not longest uptime for a particular site.
See this article at Netcraft. Anyone can just leave a box on forever, but to run a reliable hosting provider with tens of thousands of sites hosted, that takes a stable OS.
[1] Correction: The article states "Seven of the top nine sites run on FreeBSD."
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
I would personally recommend OpenBSD if you have the time to learn it--else if you're already an expert (and I really mean expert) with a different OS, use that (no matter what it is, Win2K3, MacOS X, etc). As I said above, if it's a box that users are logging into locally it's going to get pounded on non-stop by people trying to exploit it. You want an OS that does a very good job of preventing and containing local exploits, and that would be OpenBSD.
ok well thanks, because the FreeBSD isn't letting me open the XFree86 windows part, and I don't know a lot of unix/dos commands, and hopefully OpenBSD will allow me that feature because I'm perdicting that with IRC and Web Hosting, I would be getting lots of traffic, and probably lots of ddoss attacks, which later after I install OpenBSD I can figure how to stop attacks.
Again, thank you everyone for all of your help and helping me choose a good OS
-- Daniel T.
My only problem is that the programs such ash Plesk, and Cpanel do not operate on OpenBSD
Last edited by secret_ident; 01-19-2004 at 01:00 AM.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Yeah, I agree. Putting X on a machine that will host shell accounts is not the best idea in the world...
In fact, I'm going to predict that you box is going to get rooted pretty quickly. If you're trying to host shell and web accounts, but cannot setup X on FreeBSD and don't know UNIX commands very well, then... well, you really shouldn't be hosting anything, yet. You're only setting yourself up for failure.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.