*BSD discussion 
Mark 
Tue, 17 Jul 2001 07:38:32 -0700 

I spent the weekend playing around with FreeBSD 4.3 from a downloaded ISO and 
was able to get everything I needed working (networking, ppp dialup, pose, 
etc).  So I've gotten bitten by the BSD bug and want to learn about the other 
BSD distros and how they compare to each other.  I also really am interested 
in knowing if anyone has gotten java to run on any BSD variant and whether or 
not the jvm is production quality.

I've heard that OpenBSD is the most secure distro.  Is that accurate?  What 
are the major differences between FreeBSD, OpenBSD, and NetBSD?  What has 
everyone's experience been in terms of stability, upgradability, usability, 
and coolness factors?

Also, I read an atricle that favored FreeBSD overall (performance, security, 
usability).  Any comments?

Maybe this is a little different subject, but why did the CS department 
choose linux over bsd?  I was terribly surprised when I found out that 
FreeBSD is easier to secure and configure once installed than any linux 
distro.

Thanks,

Mark

Re: *BSD discussion 
Frank Sorenson 
Tue, 17 Jul 2001 09:10:48 -0700 

On Tue, 17 Jul 2001, Mark wrote:
> I spent the weekend playing around with FreeBSD 4.3 from a downloaded ISO and
> was able to get everything I needed working (networking, ppp dialup, pose,
> etc).  So I've gotten bitten by the BSD bug and want to learn about the other
> BSD distros and how they compare to each other.  I also really am interested
> in knowing if anyone has gotten java to run on any BSD variant and whether or
> not the jvm is production quality.
>
> I've heard that OpenBSD is the most secure distro.  Is that accurate?  What
> are the major differences between FreeBSD, OpenBSD, and NetBSD?  What has
> everyone's experience been in terms of stability, upgradability, usability,
> and coolness factors?
>
> Also, I read an atricle that favored FreeBSD overall (performance, security,
> usability).  Any comments?
>
> Maybe this is a little different subject, but why did the CS department
> choose linux over bsd?  I was terribly surprised when I found out that
> FreeBSD is easier to secure and configure once installed than any linux
> distro.
>
> Thanks,
>
> Mark

Whew.  That's a tough question.  Why did we choose Linux?  About two years
ago, the CS department was using Solaris x86 and still had some HPUX
boxes.  The Solaris was unimpressive, and the HPUX very expensive.  Both
had been hacked at some point before I took over.  The department knew
that we wouldn't be buying any more HP boxes (PC platform much cheaper,
but still has great performance), and that nobody was very attached to
Solaris.

We limped through a semester with Solaris while I convinced the department
that we'd be better off with either *BSD or Linux (that wasn't really too
hard, but people just needed time to get annoyed with Solaris).  I had
used BSD for 2-3 years, and Linux for over 4, so I knew that both had
good/bad points (imagine 7 booting Windows 95, NT 4.0, NT Server 4.0, an
old Slackware install, RedHat Linux, FreeBSD, and OpenLinux on one
computer).

One big problem with switching to something else was convincing people
that things would still be okay.  They liked the idea that "someone is
responsible, and can provide support" (ie. Sun or HP supposedly fixes
problems or stands behind their product).  Add to that the fact that
"everybody knows Linux is insecure" and "at least fewer people know
the bugs/holes in Solaris" and other fun arguments.

I think some of the biggest reasons that we went with Linux over BSD are
that I was more familiar with Linux and it was easier to find students to
work for me who knew or could learn Linux (I couldn't manage 75+ open
machines, 15 or so servers, and all the professor and research machines
without my great employees!).

I also think that Linux was easier to get and (in my opinion) install
(it's quite possible/likely that I'm wrong and/or that things have
changed since then).  Since a lot of the applications are the same between
*BSD and Linux, I don't see post-installation configuration as a very big
deal (for example, if it's Apache, I don't think it's significantly more
difficult/easier in one OS than another).

In then end, I was basically given the go-ahead in changing from Solaris
because I convinced enough people that we could make it work (after a
limited trial period).  Really, all most of the users (and
particularly the professors) really care about is that they can write
code, compile & debug, read and send email, use their odd window manager
and favorite terminal, that it runs whatever program their class requires,
and that they can have it at home too.

Both *BSD and Linux are good choices.  Both are pretty easy to obtain and
install.  Both have tons of programs (required when you have 4000 people
with accounts telling you they absolutely _HAVE_TO_HAVE_ just one simple
program, and "why didn't you install/upgrade that").  In the end, I had to
make a choice, so I picked the option that made the most sense to me (and
what I felt I could support best).

By getting good employees and paying careful attention to security holes
and bug fixes, we've managed to keep a lot of machines running without too
much problem.  All our machines run portsentry and some ipchains, they log
to a remote host, we regularly check for, download, and push out updates
to applications, and we keep track of network traffic and monitor the logs
for signs of problems.  To our knowlege, we haven't been hacked since the
change, though several CS users have tried, and we're always getting
attempts from elsewhere (please don't start now:).

We feel that we've succeeded in making most people happy with our
implementation of Linux on the machines (we hope).  Sorry about the long
post.  It's just a tough question to answer without the background.

Frank
---------------------------------------------------------------------------
Frank Sorenson, MCP CNA
CSR Computer Science Department
Brigham Young University
[EMAIL PROTECTED]