Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
bsd
- Thread starter metrix007
- Start date
A lot of people think BSD is better in the ways you mention.
However, a lot of us (sand that includes me) just don't like the BSD way of doing things- we prefer Sys V'ish semantics.
I've had a lot of experience in both worlds- I've worked on Sunos (bsd style), Solaris (Sys V), SCO (Sys V) and of course Linux, and I'm sorry but I just don't like BSD. I used SCO as my desktop for years, and recently switched to Linux- never even considered BSD
However- my web server runs BSD
Tony Lawrence
SCO Unix/Linux Resources tony@pcunix.com
However, a lot of us (sand that includes me) just don't like the BSD way of doing things- we prefer Sys V'ish semantics.
I've had a lot of experience in both worlds- I've worked on Sunos (bsd style), Solaris (Sys V), SCO (Sys V) and of course Linux, and I'm sorry but I just don't like BSD. I used SCO as my desktop for years, and recently switched to Linux- never even considered BSD
However- my web server runs BSD
Tony LawrenceSCO Unix/Linux Resources tony@pcunix.com
- Thread starter
- #3
The BSD zealots will certainly tell you so.
But what's "technical superority" mean anyway? SCO's Unixware for years was acknowledged as "technically" superor- faster, truer, brave, loyal, trustworthy- but it never gained more than a tiny percentage of market share. Technically, it's a hell of an OS- but so what?
The folks who designed NT will tell you that is technically superior to anything yet seen on this planet- read their book, they pat themselves on the shoulder so much it must hurt! Do you want to run NT?
Solaris on Sun hardware is a pretty rocking OS. Lots of folks would give you pages of reasons why it beats the heck out of anything else. Do you want to buy a Sparc?
Linux has the apps. Apps are more important than technical superiority.
Tony Lawrence
SCO Unix/Linux Resources tony@pcunix.com
But what's "technical superority" mean anyway? SCO's Unixware for years was acknowledged as "technically" superor- faster, truer, brave, loyal, trustworthy- but it never gained more than a tiny percentage of market share. Technically, it's a hell of an OS- but so what?
The folks who designed NT will tell you that is technically superior to anything yet seen on this planet- read their book, they pat themselves on the shoulder so much it must hurt! Do you want to run NT?
Solaris on Sun hardware is a pretty rocking OS. Lots of folks would give you pages of reasons why it beats the heck out of anything else. Do you want to buy a Sparc?
Linux has the apps. Apps are more important than technical superiority.
Tony Lawrence
SCO Unix/Linux Resources tony@pcunix.com
Just another comment:
I ran SCO 3.2 Unix as my desktop since the mid 1980's. It was always rock solid stable year after year. For example, except when I was writing and testing a driver, it never crashed. I could have left it running for years on end if I had wanted to. Stable, reliable, solid.
I run Linux, Redhat 7.1, now as my desktop. It fails at least once a week, often when I'm doing nothing more horrid than what I'm doing right now- typing this. Admittedly, the physical environment here is tough- this machine is loaded with scsi devices and I don't blame the kernel for getting upset now and then- but the SCO 3.2 NEVER had a problem with this hardware.
So, you might think I'd want to put SCO back on. Nope. SCO doesn't have the apps, and compiling from source is often a major chore (in its favor, there are a lot of precompiled things at - but it's nothing like what's available for Linux).
As I mentioned above, my web server runs BSD, That's been pretty reliable too- although it has gone down now and then. Definitely more reliable than my Linux box, though, so why not run BSD? Well, as I said, I just don't LIKE BSD. I don't like where they put things, I don't like the command syntax, and finally (again) the apps just aren't there.
Linux is just more fun.
Tony Lawrence
SCO Unix/Linux Resources tony@pcunix.com
I ran SCO 3.2 Unix as my desktop since the mid 1980's. It was always rock solid stable year after year. For example, except when I was writing and testing a driver, it never crashed. I could have left it running for years on end if I had wanted to. Stable, reliable, solid.
I run Linux, Redhat 7.1, now as my desktop. It fails at least once a week, often when I'm doing nothing more horrid than what I'm doing right now- typing this. Admittedly, the physical environment here is tough- this machine is loaded with scsi devices and I don't blame the kernel for getting upset now and then- but the SCO 3.2 NEVER had a problem with this hardware.
So, you might think I'd want to put SCO back on. Nope. SCO doesn't have the apps, and compiling from source is often a major chore (in its favor, there are a lot of precompiled things at - but it's nothing like what's available for Linux).
As I mentioned above, my web server runs BSD, That's been pretty reliable too- although it has gone down now and then. Definitely more reliable than my Linux box, though, so why not run BSD? Well, as I said, I just don't LIKE BSD. I don't like where they put things, I don't like the command syntax, and finally (again) the apps just aren't there.
Linux is just more fun.
Tony Lawrence
SCO Unix/Linux Resources tony@pcunix.com
OK, but FreeBSD has all the standard Unix apps, and it can run any Linux app out there also. Linux is more popular for other reasons, primarily being that it hit the imagination of the young hacker set, having a cool story behind it (young Linus the lone hacker out to change the world).
I am not belittling the accomplishments of Linux. It is playing a vital part in what is going on in the world of computing, but the BSDs can do just about anything Linux can, just with considerably less noise surrounding it. The BSD people have been quietly improving and extending the OS during the whole lifetime of Linux.
I used Linux before FreeBSD, and I personally prefer the system layout and semantics. Everything is more organized and clearly layed out than any Linux, with the possible exception of Slackware.
Overall there are pros and cons to either OS, but they are both very similar in ability. Linux tends to have cutting-edge hardware support sooner than FreeBSD, and has more desktop toys, and graphical apps. However, I have not seen anything like the stability of FreeBSD in any other OS. I tend to recommend Linux as a workstation, and FreeBSD as a server. -------------------
Current reading --
I am not belittling the accomplishments of Linux. It is playing a vital part in what is going on in the world of computing, but the BSDs can do just about anything Linux can, just with considerably less noise surrounding it. The BSD people have been quietly improving and extending the OS during the whole lifetime of Linux.
I used Linux before FreeBSD, and I personally prefer the system layout and semantics. Everything is more organized and clearly layed out than any Linux, with the possible exception of Slackware.
Overall there are pros and cons to either OS, but they are both very similar in ability. Linux tends to have cutting-edge hardware support sooner than FreeBSD, and has more desktop toys, and graphical apps. However, I have not seen anything like the stability of FreeBSD in any other OS. I tend to recommend Linux as a workstation, and FreeBSD as a server. -------------------
Current reading --
I run a novell/linux shop. I find that the linux servers
are better performing and more stable than their novell
counterparts.
If you know how to administer a network and are familiar
with matching hardware to its purpose then linux suffices
very well.
I know bsd zealots (ispfolks) who won't run linux because
it is "insecure": that run finger servers, telnet servers,
etc...on publically accessible interfaces. They wonder
why they get rooted with the indestructible OS..
I admit that the bugs in linux software can be very bad.
If you don't like it and can't keep up then play safe
and run OpenBSD, very stable and out of the box safe.
However it is not bugfree.
Check out for recent problems.
Performance/Safety wise:
I run a linux webserver with 2.4.12,1.3 ghz tbird and
soft (ide) raid: apache 1.3.20, that is incredibly
responsive and has an average uptime of about 125 days.
(Due to maintenance or kernel rebuilds). You can never
be totally sure about security, but with tripwire, snort,
a custom logcheck server,etc..and vigilance it is as
safe as it can be.
As far as running a server class machine with "all kinds
of scsi devices.." as your desktop..I wouldn't do it and
don't. LT has admitted that the scsi support for linux
needs to be rewritten. Redhat is kind of a dotty distro
in my opinion anyway. Alan can only make things better
there.
I take exception only with the bsd 'leet' attitude,
not the OS.
are better performing and more stable than their novell
counterparts.
If you know how to administer a network and are familiar
with matching hardware to its purpose then linux suffices
very well.
I know bsd zealots (ispfolks) who won't run linux because
it is "insecure": that run finger servers, telnet servers,
etc...on publically accessible interfaces. They wonder
why they get rooted with the indestructible OS..
I admit that the bugs in linux software can be very bad.
If you don't like it and can't keep up then play safe
and run OpenBSD, very stable and out of the box safe.
However it is not bugfree.
Check out for recent problems.
Performance/Safety wise:
I run a linux webserver with 2.4.12,1.3 ghz tbird and
soft (ide) raid: apache 1.3.20, that is incredibly
responsive and has an average uptime of about 125 days.
(Due to maintenance or kernel rebuilds). You can never
be totally sure about security, but with tripwire, snort,
a custom logcheck server,etc..and vigilance it is as
safe as it can be.
As far as running a server class machine with "all kinds
of scsi devices.." as your desktop..I wouldn't do it and
don't. LT has admitted that the scsi support for linux
needs to be rewritten. Redhat is kind of a dotty distro
in my opinion anyway. Alan can only make things better
there.
I take exception only with the bsd 'leet' attitude,
not the OS.
Agreed. I take exception to anyone's leet attitude. Once you start looking closely, there are pros and cons with all major computer technologies. That's why it is important in our jobs to always be weighing the alternatives. -------------------
Current reading --
Current reading --
- Thread starter
- #9
- Thread starter
- #10
- Thread starter
- #11
Until recently, the BSD's had significantly better network performance than Linux, but that has changed with the rewritten Linux network stack. Now they are both fairly similar in performance.
As far as OpenBSD, I have known a couple BSD experts who aren't so hot on OpenBSD, because the kernel is actually a little "too paranoid", meaning it is not quite as stable as FreeBSD or NetBSD. Remember also, OpenBSD's claim to being the most secure is with it's default install. In order to achieve true security with any Unix OS, you need to customize your installation carefully to meet your needs. In the end, any o the BSD's can have pretty much the same level of security, once you learn how to configure it.
Linux has historically had a few more security problems than the BSDs, mainly because of the many different distributions out there, each with its own default install, while there are only 4 main BSD versions out there. In the end, though, a careful installation of Linux can be pretty much as secure.
Most of the reasons to choose BSD or Linux are personal preference, but in general, the way to think of it is:
- Linux has more nice user tools, GUI controls, etc...
- FreeBSD, etc... are meant more for the "do-it-yourselfer"
Also, FreeBSD is a true Unix, in fact deriving directly from the orinal ATT/Berkely Unix of the 70s, so if you want to learn Unix in general, FreeBSD is an excellent choice. -------------------
Current reading --
As far as OpenBSD, I have known a couple BSD experts who aren't so hot on OpenBSD, because the kernel is actually a little "too paranoid", meaning it is not quite as stable as FreeBSD or NetBSD. Remember also, OpenBSD's claim to being the most secure is with it's default install. In order to achieve true security with any Unix OS, you need to customize your installation carefully to meet your needs. In the end, any o the BSD's can have pretty much the same level of security, once you learn how to configure it.
Linux has historically had a few more security problems than the BSDs, mainly because of the many different distributions out there, each with its own default install, while there are only 4 main BSD versions out there. In the end, though, a careful installation of Linux can be pretty much as secure.
Most of the reasons to choose BSD or Linux are personal preference, but in general, the way to think of it is:
- Linux has more nice user tools, GUI controls, etc...
- FreeBSD, etc... are meant more for the "do-it-yourselfer"
Also, FreeBSD is a true Unix, in fact deriving directly from the orinal ATT/Berkely Unix of the 70s, so if you want to learn Unix in general, FreeBSD is an excellent choice. -------------------
Current reading --
- Thread starter
- #13
thanks rycamor, although i though 'true unix' was not open source, so how could bsd be a true unix? would you mind me emailing you to continue asking you some questions? also isnt slackware the closest to the posix standard, and also more do it your self? and here are some quotes, would you plese be so kind as to explain them more simply?
"It doesn't stop there. Some firewalls apply the first matching rule within a ruleset to a datagram (very efficient, but possibly less secure), while others apply a datagram to the entire ruleset before making a decision as to what to do with that packet (extremely innefficient, but probably more secure). Even if both firewalls were coded exactly the same (very unlikely, given with software engineering there's around "1 x a shitload" of ways to do the same thing), algorithmical differences in the fundamental design can be all the difference between a firewall that stands up to a DoS, and one that doesn't. "
"Simply having services turned off does not make a machine secure. I feel I've been very clear on this point before. For example, if in the above machines, one was to be using `pf' with the other utilising `ipchains', there would be differences. For example, AFAIK (correct me if I am wrong), `ipchains' is not stateful. `pf' is. Already, there is a clear winner in terms of efficiency - one of the points I raised earlier.
By the same token, consider a DoS attack. A packet filtering firewall must inspect a packet before it drops it, right? So, if packets are transmitted quicker than a CPU can match them against a given set of rules and discard them, then the machine could potentially crash, right? So, there is also a clear winner in terms of stability - one of the points I raised earlier."
i think that is basicly saying that ipchains is crap, and pf/ipf is better, how does this compare to iptables? and is that info correct?
"It doesn't stop there. Some firewalls apply the first matching rule within a ruleset to a datagram (very efficient, but possibly less secure), while others apply a datagram to the entire ruleset before making a decision as to what to do with that packet (extremely innefficient, but probably more secure). Even if both firewalls were coded exactly the same (very unlikely, given with software engineering there's around "1 x a shitload" of ways to do the same thing), algorithmical differences in the fundamental design can be all the difference between a firewall that stands up to a DoS, and one that doesn't. "
"Simply having services turned off does not make a machine secure. I feel I've been very clear on this point before. For example, if in the above machines, one was to be using `pf' with the other utilising `ipchains', there would be differences. For example, AFAIK (correct me if I am wrong), `ipchains' is not stateful. `pf' is. Already, there is a clear winner in terms of efficiency - one of the points I raised earlier.
By the same token, consider a DoS attack. A packet filtering firewall must inspect a packet before it drops it, right? So, if packets are transmitted quicker than a CPU can match them against a given set of rules and discard them, then the machine could potentially crash, right? So, there is also a clear winner in terms of stability - one of the points I raised earlier."
i think that is basicly saying that ipchains is crap, and pf/ipf is better, how does this compare to iptables? and is that info correct?
Well... that's a mouthful of questions ;-).
I'm not quite ready to post my email address, but if you want to post yours here, I might (might!) reply. I generally tend to prefer keeping these things in the public forums, though, because it benefits everyone the most when we can discuss, and have our ideas challenged, etc...
To understand why FreeBSD is a true Unix, you have to look at the history of BSD, and Unix itself ( Essentially, when the University of California at Berkeley wanted to release an open version of BSD Unix, there was a fight with AT&T, who had helped develop BSD. It was finally resolved by stripping out the AT&T proprietary code. Thus, FreeBSD is the original Berkeley Unix, with a few areas replaced by additional code from--the University of California at Berkeley. Pretty darn authentic, if you ask me.
Also, you must remember that this was done right around the time that Linus Torvalds was just beginning to develop Linux. Thus a mature OS was released as open source while Linux was just a development kernel and some utilities.
FreeBSD was released with a completely different license from Linux. The Linux GPL specifically forbids anyone from using source code in other proprietary products. The BSD open license allows you to do anything you want with the source code, up to, and including making any piece of code a part of your proprietary product. Many GNU supporters claim that this approach harms the whole open source movement, allowing businesses to "steal" the work of BSD programmers. Well, the BSD programmers appear to be quite comfortable with this, and BSD code has been used in many interesting places, including quite a bit of networking components of Windows 2000/XP. (This was admitted by Microsoft, as is their legal duty according to the BSD license-- you have to at least give BSD credit for inclusion of the code) Also, the new Apple OS X owes quite a lot of it's core to FreeBSD. Also, many of these companies see the benefit of contributing money and research efforts to the FreeBSD project.
This whole process hasn't seemed to harm the development of FreeBSD in the least; it's development team is thriving. I suspect that quite a lot of modern networking and OS code owes some of its success to FreeBSD. The FreeBSD network stack has especially been the subject of serious study, since apparently no one has been able to significantly improve on it's core algorithms in years. (Disclaimer: I am not an expert in kernel hacking, so don't take my word here as absolute)
POSIX compliance is not the same thing as Unix. Even Windows NT was supposed to be POSIX-compliant (I'm sure there's room for debate here ;-)).
So... that's the historical (or hysterical) context of all this.
Slackware and Debian are both "do-it-yourself" type Linux systems. Slackware development was actually pretty closely aligned with FreeBSD for awhile, and thus it works very similarly. Slackware is probably the closest Linux comes to a BSD Unix. Thus my two favorite OS's are FreeBSD, and Slackware. I still give FreeBSD slightly better marks as a server, though. I have had absolutely NO problems with the FreeBSD ever, as a server.
As to your question about ipfilter/ipchains, I can't really comment. I have not really had to use either, and my firewall needs are fairly modest, so I haven't really spent much time exploring the alternatives. I use ipfw, though, which is the standard NAT firewall for FreeBSD, and it works as smoothly as I could hope. If you have any more questions about advanced BSD firewalling, ask in the FreeBSD forum, and member "aaxvp" (who is a good friend of mine) will be able to help you more. -------------------
Current reading --
I'm not quite ready to post my email address, but if you want to post yours here, I might (might!) reply. I generally tend to prefer keeping these things in the public forums, though, because it benefits everyone the most when we can discuss, and have our ideas challenged, etc...
To understand why FreeBSD is a true Unix, you have to look at the history of BSD, and Unix itself ( Essentially, when the University of California at Berkeley wanted to release an open version of BSD Unix, there was a fight with AT&T, who had helped develop BSD. It was finally resolved by stripping out the AT&T proprietary code. Thus, FreeBSD is the original Berkeley Unix, with a few areas replaced by additional code from--the University of California at Berkeley. Pretty darn authentic, if you ask me.
Also, you must remember that this was done right around the time that Linus Torvalds was just beginning to develop Linux. Thus a mature OS was released as open source while Linux was just a development kernel and some utilities.
FreeBSD was released with a completely different license from Linux. The Linux GPL specifically forbids anyone from using source code in other proprietary products. The BSD open license allows you to do anything you want with the source code, up to, and including making any piece of code a part of your proprietary product. Many GNU supporters claim that this approach harms the whole open source movement, allowing businesses to "steal" the work of BSD programmers. Well, the BSD programmers appear to be quite comfortable with this, and BSD code has been used in many interesting places, including quite a bit of networking components of Windows 2000/XP. (This was admitted by Microsoft, as is their legal duty according to the BSD license-- you have to at least give BSD credit for inclusion of the code) Also, the new Apple OS X owes quite a lot of it's core to FreeBSD. Also, many of these companies see the benefit of contributing money and research efforts to the FreeBSD project.
This whole process hasn't seemed to harm the development of FreeBSD in the least; it's development team is thriving. I suspect that quite a lot of modern networking and OS code owes some of its success to FreeBSD. The FreeBSD network stack has especially been the subject of serious study, since apparently no one has been able to significantly improve on it's core algorithms in years. (Disclaimer: I am not an expert in kernel hacking, so don't take my word here as absolute)
POSIX compliance is not the same thing as Unix. Even Windows NT was supposed to be POSIX-compliant (I'm sure there's room for debate here ;-)).
So... that's the historical (or hysterical) context of all this.
Slackware and Debian are both "do-it-yourself" type Linux systems. Slackware development was actually pretty closely aligned with FreeBSD for awhile, and thus it works very similarly. Slackware is probably the closest Linux comes to a BSD Unix. Thus my two favorite OS's are FreeBSD, and Slackware. I still give FreeBSD slightly better marks as a server, though. I have had absolutely NO problems with the FreeBSD ever, as a server.
As to your question about ipfilter/ipchains, I can't really comment. I have not really had to use either, and my firewall needs are fairly modest, so I haven't really spent much time exploring the alternatives. I use ipfw, though, which is the standard NAT firewall for FreeBSD, and it works as smoothly as I could hope. If you have any more questions about advanced BSD firewalling, ask in the FreeBSD forum, and member "aaxvp" (who is a good friend of mine) will be able to help you more. -------------------
Current reading --
- Thread starter
- #15
- Status
Similar threads
- Locked
- Question