[ale] OpenBSD, FreeBSD

jj at spiderentertainment.com jj at spiderentertainment.com
Tue Dec 14 20:32:14 EST 1999


"Michael H. Warfield" wrote:

>         Theo?  A tad abrasive?  Nah!  :-)  (Duck)
>         Not as long as you have a thick skin.  (Duck again)

I'll list myself in their list servers. I guess I'll find out if I have a thick
skin.  (Duck)

>         For the record, I've shared a few beers with Theo.  I found him
> opinionated as I'm sure he found me (If he remembers me at all...  Gets
> a bit fuzzy after a few beers at 1AM in a bar in San Antonio).  I don't
> agree with all of his opinions and I'm sure he doesn't agree with all of
> mine.  He can be real hard on the nerves if you aren't prepared for him
> and I can really see where he would scare the bejesus out of newbies.
> Don't get into a debate with him unless you are REALLY prepared to defend
> your arguments rationally.  Over all...  I like dat man and respect him,
> even if I don't agree with him 100%.

Who is Theo?

>         I would suggest looking over the Bastille Linux security hardening
> script.  They've just released version 1.0 to rave reviews at the SANS
> security conference.  This is second hand.  I haven't laid my hands on it
> personally, yet.  Planning on it for today or tomorrow so I can incorporate
> it into my upcoming security tutorials at LinuxWorld.  :-)  You might also
> want to look at the Lids (Linux Intrusion Detection System) project but
> I'm not as comfortable with the direction that's going in (some of their
> stuff interferes with dynamic firewalls) and it's got a ways to maturity.

Can you post a message to ALE once you review 1.0?

>         Why would you think that?  I know of a lot of people who think just
> the opposite.  And *BSD is almost an oxymoron in and of itself because of
> the differences between the BSDs.

So what would you recommend for a heavy duty Intel-based site that has its share of
attacks? I am mostly interested in the web/named applications.

>         I have Linux, FreeBSD, and OpenBSD (and SCO Unix, and Solaris, and
> Solaris x86, etc, etc) running side by side, here at home and at the office.
> I LIKE Linux.  FreeBSD and OpenBSD are perfectly acceptable with no
> prejudice against them or anyone that uses them in preference to Linux.
> But, realistically, none of them (Linux, OpenBSD, or FreeBSD) really blow
> the other two out of the water in security, reliability, or performance.
> The human factor there is just too big.

You are right. Perhaps I am asking the wrong question here. My goal here is to push
the software capability to its limit, as getting another RAID machine is a little too
expensive for my taste at the moment. And I need another machine or a faster OS (if
there is anything faster than the Unix flavor).

I just got back to programming in Unix once again.
My goal here is to strip the kernel of a lot of code. This might eliminate possible
bugs and even perhaps create some new ones. But the reason behind it is that there
is a lot of stuff that I would not need normally; all I honestly need is Apache, ftp,
named, ssh, and sendmail. But I have one machine that is just running Apache.
So I was thinking all I have to do is strip some of the ipcs, file system handling,
logging, change the net code a little, and a few other things. And before you think
I might be crazy or anything, I know how much work it does entail just to change one
of the key components here, and before you ask why, let me tell you that reducing
one instruction from my current kernel net code would save me X amount of money.
Getting another machine is just too expensive in hardware and man hours. Besides, at
the moment all I could afford is 64MB of RAM considering its current price.

One question, if you could answer: I read on this list folks who say that FreeBSD is
ahead in its programming for SMP and I read folks who disagree. Can you comment on
this?

Thx for input. :)
