
Re: firewalls and bsd



So then Kenneth Scharf (scharkalvin@yahoo.com) said . . .

> If there are any debian-bsd people here maybe they can
> answer this.  I have been doing some reading and have
> heard that some of the BSD variants are considered a
> better candidate os for a firewall system than linux
> (heretic!).  OpenBSD in particular was highly
> regarded in this (though it was said to be a RPITA to
> install).  Any thoughts on this out there?

OpenBSD is billed as "secure by default" and really isn't too bad to
install.  I installed it on some old Intel hardware easily.
Configuring it may be a pain, however, since many tools are quite
different from Linux's.  Also, few services are turned on by
default, which means you need to turn them on manually.  OpenBSD is
rather different from FreeBSD in that it doesn't use
/stand/sysinstall, but instead uses config scripts and lots of hand
editing, which I don't mind, but some people do.  Compiling custom
kernels is quite different too.  BSDs don't really use runlevels as
Linux does.  (FreeBSD was considering this possibility, though.)
Licensing is less restrictive than GNU licensing (although beware
flamewars on this topic).

The BSDs are extremely good, in my opinion.  I agree that they have
the most tried and tested TCP stack around, and they scale better
under heavy loads than Linux, in my experience.  

I have discovered a fair amount of BSD advocacy turned "anti-Linux".
Like Linux zealots, BSDers are not above snobbery.  Support for
FreeBSD is rather abundant, while support for OpenBSD and NetBSD is
a little less so.  OpenBSD has great support for strong encryption,
since it's exported from Canada.  This may be less of an advantage
in the future since US crypto laws seem to be easing up, finally.

Finally, I would find someone in your locale whom you can ask BSD
questions to.  I found this valuable, since going from Linux to one
of the BSDs can seem nearly as large a culture shock as moving from
Windows to Linux.  Not quite that bad, but be prepared for another
learning curve.  That said, I think the curve is worth the time and
effort if you can manage it.  :-)

--
David S. Jackson                           http://www.dsj.net
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
"Out eth0, through the firewall, over the analog line, into usr1, past
 another firewall, through the gateway, out the T-3, off core2 in 
Atlanta . . . nothin' but Net." 

