Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Tired of Virus and Microsoft wnat advice

Status
Not open for further replies.
mcjdaddy

mcjdaddy

Instructor
Dec 17, 2003
37
0
0
US
I have been an MCSE , MCT with Microsoft since 3.51 server. I am getting so sick of the overhead that it takes to run a Microsoft server as well as a desktop environment.

I am tired of constantly fighting virus targeted at Microsoft platforms.

I am looking to move my whole company of 150 desktops and 5 servers to Linux. Any suggestions as what to read, what platform to use for the servers as well as the desktops, as well as, firewall, email, web services, sql and backup systems to replace Microsoft servers would be helpfull?

I am basically looking for a headstart on my research in making replacement decisions. Any help will be appreciated.

Another question will this help prevent the majority of virus's and backdoor trojans that are released these days?
 
Sort by date Sort by votes
OOOOOhhhhhhh Baby, I love seeing this happen.
Welcome to the Good Side!! :)

OK, you need to learn a few key points to drive your effort.

1) In linux, "samba" is the file and print sharing service that you could implement without bothering your workstations. When done properly, the clients cannot tell that linux is handling their file and print shares. Always a nice first step to impress your boss.

2) In linux, MS Exchange server functionality is hard to duplicate IF you are using shared calendars. It can be done with various groupware products available for free, but it's not a typical default in linux.

3) Linux email solutions are diverse with many options for anti-virus, anti-spam, mailing lists, forwarding, and lots of options for redundancy to avoid loss of service. This makes the decision a little hard when starting out.

I prefer qmail as the "mail server" (MTA in linux parlance). Others are sendmail (the defacto MTA on most distributions, but beastly hard to understand), postfix, exim, and a host of others.

Why do I prefer qmail as MTA? It's fast, secure, well documented and has many plugins for various functionalities I need (AV, Anti-Spam, forwards, etc). qmail is not for the feint of heart to install, but it is EXTREMELY good at doing its job when implemented well. This webserver guide is the most excellent way to put together qmail with a bunch of goodies. Don't be scared at its length, just follow along - its a recipe.

4) As for "which linux", this topic has been the source of millions of lines of passionate arguments by backers of specific distributions. Very much a preference-based discussion with strong biases towards "the one I like".

What I think you should know is that distributions vary on a handful of key points:

a) Support. Do you want paid support or are you content to live with the documentation posted on the 'net.
b) Package management. Inevitably your softwares need updating to address bugs, security issues, or new functionality. How does the distribution provide new packages to the user community, how often, and how much of a pain in the ass is their package management tool to use
c) Target functionality of the OS. Many linux distros are bred for special purposes such as embedded computing, sleek firewalls, CD-ROM runnables, and general use. You are looking for a distro that can be installed on generally any machine you'd need it to.
d) Cost. Some distros are free, some have a fee (see "a" above). Paying a fee DOES NOT directly correlate to the quality, usability, or anything else about the product. Paying the fee SHOULD get you SOMETHING extra beyond what the free distros offer.

I find that a number of distributions are offered as "server", "workstation", and "advanced something" versions of their linux. I view these dimly because these distros are also generally the ones for sale (see "a" and "d"). In reality, linux distros are generally installable in whatever clothes you want to put them into - you just need to make conscious decisions about whether the machine needs to function as a server, workstation, firewall, etc. The decisions generally resolve around which packages you want to install (see "b") such as a GUI, mail server, DNS server, productivity applications, etc. ALL GENERAL PURPOSE DISTROS offer these choices. Those that don't are either Special Purpose (see "c") or are trying to get you to pay more for something that was free elsewhere.

Please don't hesitate to ask specific questions of us in this forum. I know we all have a great deal of experience and would like to help you in making the decisions and selling the change.

Best of luck.
Dave.

Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
 
Upvote 0 Downvote
Thank you. Good to see that people are still willing to help in making honest I.T. decisions.

Here is the scenario currently. I am now a business owner that employees over 200 people that share 120 desktops on different shifts. Only 20 of the people are employees and need email. The other 100 work directly from a desktop that has Internet Explorer that triggers an ActiveX control that runs an ASP to a MS SQL Database.

I feel I can move the database to MySQL from MS SQL server and get the scripts that are written in perl/java to run without a problem.


The other Staff however needs a strong office program to use spreedsheets and word processing. I assumed I could keeps them on the Windows 2000 environment with MS Office for now.

Doing all of this I would like to keep my Exchange server because of calandar sharing and active directory structure for the 20 people remaining on the Microsoft platforms.

A few questions:

Is Samba as easy as it sounds to do Server integration with Microsoft? any tips...

What can I do to replace Veritas Backup exec?

Do I need an antivirus program for the linux boxes? If so what is it...

Can I use Qmail on the networks edge and just use Exchange for the calendar features internally and to forward messages to my staffs Blackberry's?

How hacker/trojan proof can I make DNS and Apache for web services?

What is a good desktop platform?

What do you recommend for the server platform?

What is a good firewall solutions if I where to use a server with 2 nics and linux?


Once again all of the help is appreciated. Also, any good books, tech groups, chat rooms everything and anything you can give me is an asset at this point.

I have not played with Linux since Redhat 5.x Ant that has been atleast 5 years ago when I was running a R&D team in RTP, NC. The only receint experience I have to the command structure is working on many Cisco routers that seem to have similar command structures built into their IOS.

Thanks again,

MCJDaddy





 
Upvote 0 Downvote
[D] My Answers after your questions

A few questions:

Is Samba as easy as it sounds to do Server integration with Microsoft? any tips...

[D] Samba is very well documented and plays quite nicely with others. In fact, the RedHat site itself sports some of the best documents outside of the samba site itself. is always a good reference also.

What can I do to replace Veritas Backup exec?

[D] There are many Unix/Linux backup tools available, shop around, I don't know your requirements.

Do I need an antivirus program for the linux boxes? If so what is it...

[D] There are free and fee-based anti-virus. ClamAV is an excellent free implementation that ties nicely in with qmail (for example)

Can I use Qmail on the networks edge and just use Exchange for the calendar features internally and to forward messages to my staffs Blackberry's?

[D] Yes, it is quite common to build 1+ qmail gateways to filter email at the edge and allow "good" email to reach Exchange. This leverages qmail's 1) high volume, and 2) selective handling capabilities. You can do your anti-spam and anti-virus processing on qmail and let the good stuff into your network.

How hacker/trojan proof can I make DNS and Apache for web services?

[D] Hacker proofing requires dilligence during the life of your implementation. DNS (Bind v9.2.2) has been pretty bug/hack free for quite a while. It can be chroot'd to add even greater comfort. Apache 1.3.29 is the current "stable" and more secure version of Apache. The Apache 2 series is newer and has shown some vulnerabilities over the last year - I would use caution going to Apache 2.

What is a good desktop platform?

[D] Your favorite linux with OpenOffice.org desktop. There are many window managers, which can be loaded several-at-a-time for users to play with. You will need to make a decision about KDE or Gnome for the overall desktop environment, but the reality is that you have a no-lose decision there. Some would argue that KDE has greater adoption... RedHat used to use Gnome for primary and KDE secondary... Not sure what their focus is now.

What do you recommend for the server platform?

[D] Debian is harder to startup but FAR better for server platform and stability. Mandrake is too GUI oriented. RedHat's Fedora is still in maturation IMHO. Suse could be argued as a strong option for-fee.

What is a good firewall solutions if I where to use a server with 2 nics and linux?

[D]



Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
 
Upvote 0 Downvote
You are a life saver. Thanks you for the headstart I will keep you posted on how the test bed then hopefully migration goes.
 
Upvote 0 Downvote
My .02

Is Samba as easy as it sounds to do Server integration with Microsoft? any tips...

You just have to go thru the docs, and plenty of them exist. I feel the hardest part is understanding how the passwords work. Then you simply mount the drives on both ends.

What can I do to replace Veritas Backup exec?

Lone Tar is one of the best.

Do I need an antivirus program for the linux boxes? If so what is it...

Sendmail is difficult to configure, but you can get a lot of help in the groups. With it you can eliminate a lot of the junk and SPAM which cause a lot of the problems.

How hacker/trojan proof can I make DNS and Apache for web services?

DNS works very well, and Apache is superb, a very well written product.

What do you recommend for the server platform?

SCO OpenServer has worked for us for many years. Once it is set up, it is pretty much maintenance free, and just runs and runs.

What is a good firewall solutions if I where to use a server with 2 nics and linux?

Why not use a good router here, which you probably already have set up.

On the whole, UNIX is a little much more difficult to set up, but once you get it running properly, then it runs flawlessly. And it probably runs 50 times faster. One client had a Compaq Server with 1 gig memory, and two 400 MHz processors running IIS with Microsoft SQL. After 5 or 6 the thing would just crawl. Another client with a 350 MHz and 128m memory running SCO, Apache, and Informix could easily handle 30 connections without any problems.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Locked
  • Question
CentOS 7 and Putty
Replies
2
Views
71
SamBones
SamBones
KannaChan
  • Locked
  • Question
TLS1.2 and TLS1.0 proxy in same Virtualhost
Replies
1
Views
70
ChrisHirst
ChrisHirst
Agent0007
  • Locked
  • Question
HELP Traffic Control of IP
Replies
2
Views
54
Agent0007
Agent0007
theniteowl
  • Locked
  • Question
Parsing data out of files
Replies
0
Views
48
theniteowl
theniteowl
macrun95
  • Locked
  • Question
I had a cifs mount blow up and now
Replies
0
Views
36
macrun95
macrun95

Part and Inventory Search

Sponsor

Back
Top